Apple Ex. 1015
`Apple Inc. v. Firstface Co., Ltd.
`IPR2019-00614
`Page 00001
`
`

`

`Patent Application Publication
`
`Jun. 3, 2010 Sheet 1 0f 6
`
`US 2010/0138914 A1
`
`j100
`
`11
`
`'—
`
`LL]
`a:
`Eon:
`EEOI
`”J
`I—Lu
`22
`uJ
`
`
`
`
`
`
`
`
`
`
`
`.1:
`<Lu
`ZSN
`amu—
`EF
`n:
`
`”JD
`0'0
`
`
`
`
`SMARTCARD
`
`IPR2019-00614 Page 00002
`
`Lu
`
`no E
`
`2>L
`
`u
`:2
`LI.|
`
`da
`
`IPR2019-00614 Page 00002
`
`

`

`Patent Application Publication
`
`Jun. 3, 2010 Sheet 2 of6
`
`US 2010/0138914 A1
`
`flmzozmomeé
`
`"%355mg
`
`
`
`mlm8335%525%_
`
`mowmmuommomui
`
`film
`
`a52m28“8582515
`
`
`
`
`
`ansfiEado:>._._m:umw
`
`2min.
`
`
`
`mlomw.82“5:2853
`
`
`
`
`
`moz<m-._.mozwmu_>mo$1.5
`
`
`|
`fl253mg
`
`
`
`.%.zo:<u_z:_>=>_ou.8Nmsmhw>mm2mmmt.__2wz<E
`
`IPR2019-00614 Page 00003
`
`IPR2019-00614 Page 00003
`
`
`
`
`
`

`

`Patent Application Publication
`
`Jun. 3, 2010 Sheet 3 of6
`
`US 2010/0138914 A1
`
`mw<m0hm
`
`._.2m_zom_>_oo
`
`
`
`Nlum.muEmmhz.
`
`
`
`vmmom<o>mo_>_m_>_
`
`._.z_mmmmwz_u_
`
`
`
`Mudmmo<mm
`
`.
`
`azotbm
`
`mwzééozm
`
`‘$23938
`
`292223228
`
`mommmuommomuiflw>mo§m2
`
`mm>_mo2.329222
`
`:9)“.I
`
`own
`
`Elm
`
`CD
`
`5SE:am2o_._.<u_._n_m<
`
`mm<>>Eow
`
`%E225%
`
`IPR2019-00614 Page 00004
`
`IPR2019-00614 Page 00004
`
`
`
`
`
`
`

`

`Patent Application Publication
`
`Jun. 3, 2010 Sheet 4 of6
`
`US 2010/0138914 A1
`
`o
`z
`
`omo>>mm<m
`
`wo_._<>
`
`
`
`$32.;5.4552
`
`>u__.mm>OF
`
`o2
`
`N;
`
`
`
`Mm>omo>>wm<m
`
`
`
`mu_>mom>_m_um_m
`
`3v
`
`
`
`:32i.5355m>_mumm
`
`E:<
`
`omo>>wm<m
`
`mm;
`
`
`
`-mmoZEHmemmm
`
`
`
`oo._<_o._.2En_
`
`
`
`
`
`om<uomo>>mm<anm<u
`
`
`
`mm:.:<u_m._.<u_oz
`
`>u=mm>o._.
`
`Ev
`
`
`
`mo_>m_o532:
`
`-mngI
`
`2%ms:mama:
`
`mowSEE24.8
`
`mow.
`
`as
`
`a;
`
`w;
`
`IPR2019-00614 Page 00005
`
`mo_>m_n_wo._<_o
`
`oz<_>=>_ou
`
`
`
`x032:Hmemmm
`
`
`
`x032:m>_mom_m
`
`a?N3
`
`Se
`
`:25
`
`IPR2019-00614 Page 00005
`
`
`
`
`
`
`
`
`

`

`Patent Application Publication
`
`Jun. 3, 2010 Sheet 5 of6
`
`US 2010/0138914 A1
`
`oz
`
`mo_>m_o
`
`omo>>mm<m
`
`S_._<>
`
`Sm
`
`EEMSE.mumSSE246m
`
`
`
`
`
`mm:.__<n_mk<u_oz_m>jm>_mumm
`
`mom
`
`
`
`$32”.mh<o_n_z_
`
`>u=mm>9.
`
`wmm
`
`oz
`
`can
`
`mm>
`
`
`
`oo._<_n_._.z_mn_
`
`
`
`-xmozmHmemmm3m
`
`.mmwzc
`
`
`
`4&6.+8224...
`
`
`
`:._._>>.uomm<
`
`thnEmQZE
`
`de
`
`
`
`meane581
`
`20;me
`
`Eszmmagma
`
`225%,:ES\
`
`NE
`
`Em
`
`IPR2019-00614 Page 00006
`
`8:5
`
`
`
`532::6mewe,
`
`Sm
`
`._.z_mn_
`
`wo_._<>
`
`IPR2019-00614 Page 00006
`
`
`
`
`
`
`
`
`
`

`

`Patent Application Publication
`
`Jun. 3, 2010 Sheet 6 of6
`
`US 2010/0138914 A1
`
`
`
`$3.4m.mh<u_oz_
`
`EEm>E.
`
`
`
`-mwaEHmemmm
`
`
`
`oo._<_o._.z_mn_
`
`
`
`m>_._m>_mumm
`
`mumSEEz<uw
`
`-mmoZE
`
`._.2En_
`
`EE<>
`
`N5
`
`Em
`
`
`
`_.:._>>.uomm<
`
`HzEnEmeE
`
`
`
`.EnE102:5So
`
`IPR2019-00614 Page 00007
`
`IPR2019-00614 Page 00007
`
`
`
`
`
`
`

`

`US 2010/0138914 A1
`
`Jun. 3, 2010
`
`SYSTEM AND METHOD OF PROVIDING
`BIOMETRIC QUICK LAUNCH
`
`FIELD
`
`[0001] The present application relates generally to launch-
`ing applications on a device and, more particularly, to a sys-
`tem and method of launching applications, access to which is
`controlled, at least in part, by biometric authentication.
`
`BACKGROUND
`
`[0002] As an increasing volume of sensitive personal infor-
`mation is stored on computers, personal and otherwise, it is
`increasingly important that access to these computers is con-
`trolled. Even the most basic user of computers is familiar with
`a requirement to provide a password to gain access to a
`computer and execute various software application on the
`processor of the computer. Such a one-factor authentication
`scheme is based solely on what the user knows, i.e., the
`password. Should the password become known to those other
`than the user whose account access to which is controlled by
`the password, the others can use the password to gain access
`to the user’s account.
`
`To increase security, some computers have been
`[0003]
`configured to implement a two-factor authentication scheme.
`The user is provided with a smart card and a smart card reader
`that may connect to the computer of interest either by wired
`means or wireless means. The smart card may have an asso-
`ciated password previously revealed to the user. Now, to gain
`access to the computer of interest, the user provides a first
`password, which may be called a device password, and a
`second password, which may be called a smart card pass-
`word. The user will only gain access to the computer of
`interest by submitting correct values for both the device pass-
`word and the smart card password. The computer generally
`determines whether the provided smart card is a correct value
`by passing the provided smart card password to the smart card
`reader and receiving a yes or no answer. Such a two-factor
`authentication scheme is based on what the user knows, i.e.,
`the device password and the smart card password, and what
`the user has, i.e., the smart card, since the computer ofinterest
`can not confirm the validity of the provided smart card pass-
`word in the absence of the smart card.
`
`To increase security even further, some computers
`[0004]
`have been configured to implement an additional authentica-
`tion scheme. The additional factor is biometric information.
`
`Biometric information includes fingerprints, retinal scans,
`face geometry scans, hand geometry scans, voice or speech
`prints, etc. In one particular implementation, the smart card
`reader can also have a biometric input device. Now, to gain
`access to the computer of interest, the user provides a device
`password and a smart card password. If the passwords are
`determined to be valid, the user is prompted to provide bio-
`metric information. The user will only gain access to the
`computer of interest if the biometric information submitted
`responsive to the prompt properly matches a previously
`established and stored version of the biometric information.
`
`Incorporating the above-described factors, a three-factor
`authentication scheme may be based on what the user knows,
`i.e., the device password and the smart card password, what
`the user has, i.e., the smart card, and something that is unique
`to the user, e.g., a fingerprint. Accordingly, even if the smart
`card falls into the hands of a nefarious person who also gains
`knowledge of the device password and the smart card pass-
`
`word, the lack of the correct biometric data should keep the
`nefarious person from gaining access to the computer of
`interest.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`[0005] Reference will now be made to the drawings, which
`show by way of example, embodiments of the present disclo-
`sure, and in which:
`[0006]
`FIG. 1 shows in block diagram form a communica-
`tion system suitable for a smart card reader and mobile com-
`munication device in accordance with one embodiment;
`[0007]
`FIG. 2 shows an operational block representation of
`the mobile communication device of FIG. 1 according to one
`embodiment;
`[0008]
`FIG. 3 shows an operational block representation of
`an embodiment of the smart card reader of FIG. 1;
`[0009]
`FIG. 4 illustrates steps in an example method of
`maintaining secure access to the mobile communication
`device of FIG. 1;
`[0010]
`FIG. 5 illustrates steps in an example method of
`launching execution of an application on the mobile commu-
`nication device of FIG. 1 through the provision of biometric
`data and passwords according to an embodiment; and
`[0011]
`FIG. 6 illustrates steps in an example method of
`launching execution of an application on the mobile commu-
`nication device of FIG. 1 through the provision of biometric
`data according to another embodiment.
`
`DETAILED DESCRIPTION
`
`[0012] While three-factor authentication is secure, three-
`factor authentication may be considered time consuming to
`employ every time access to the computer of interest is
`desired. It is clear that any gains in efficiency in accomplish-
`ing the task for which access to the computer is desired would
`be welcome.
`
`[0013] By providing a biometric candidate to a biometric
`input device, a user may cause a computing device to be
`unlocked and cause a specific application to be launched on
`the computing device. The biometric input device may be on
`the computing device or on a peripheral security device that is
`in communication with the computing device. Indeed, the
`specific application may be launched pre-loaded with certain
`data, selection of which data is controlled by the particular
`biometric provided to the biometric input device.
`[0014] According to one aspect described herein, there is
`provided a method of launching applications on a computing
`apparatus. The method includes receiving a biometric candi-
`date, determining that the biometric candidate matches a
`stored biometric template and that the stored biometric tem-
`plate is associated with an application, determining that the
`stored biometric template is associated with unlocking the
`computing apparatus, unlocking said computing apparatus
`and launching execution ofthe application. In other aspects of
`the present application, an apparatus is provided for carrying
`out this method and a computer readable medium is provided
`for adapting a processor to carry out this method.
`[0015] Other aspects and features of the present disclosure
`will become apparent to those of ordinary skill in the art upon
`review of the following description of specific embodiments
`of the present disclosure in conjunction with the accompany-
`ing figures.
`[0016] Reference is first made to FIG. 1, which shows an
`illustrative communication system 100 to which embodi-
`
`IPR2019-00614 Page 00008
`
`IPR2019-00614 Page 00008
`
`

`

`US 2010/0138914 A1
`
`Jun. 3, 2010
`
`ments described herein can be applied. The system 100
`includes one or more mobile communication devices 102
`
`(only one of which is shown in FIG. 1) that are enabled to
`communicate with one or more wireless networks 104 (only
`one of which is shown in FIG. 1). In other embodiments, the
`mobile communication devices 102 may be replaced by or
`augmented with desktop personal computers, notebook com-
`puters, palmtop computers, etc. The wireless network 104
`may be implemented as a packet-based cellular wide area
`wireless network that includes a number ofbase stations each
`
`providing wireless Radio Frequency (RF) coverage to a cor-
`responding area or cell. In some embodiments, instead of, or
`in addition to, a wide area wireless network, the wireless
`network 104 may include a local wireless area network, such
`as for example a wireless local area network that conforms to
`Institute of Electrical and Electronics Engineers (IEEE) 802.
`11 standards such as 802.1 lb and/or 802.1 lg. In at least some
`example embodiments, the wireless network 104 is con-
`nected to one or more enterprise networks 106 (only one of
`which is shown in FIG. 1). The connection between the wire-
`less network 104 and the enterprise network 106 may involve
`an intermediate communications link 108, which may pass
`through additional networks including, for example,
`the
`Internet. The enterprise network 106 may be associated with
`the illustrated mobile device 102, such that the mobile device
`102 is enabled to exchange electronic messages and other
`information with the enterprise network 106. Optionally, the
`mobile device 102 may be associated with a secondary
`mobile device in the form of a smart card reader 110. Addi-
`
`tionally, a user of the mobile device 102 and the smart card
`reader 110 is likely to have access to a personal computer 112
`that is connected to the enterprise network 106 over a com-
`munications link 114. In one embodiment, the communica-
`tions link 114 is a local area network or wide area network
`
`providing organizational connectivity with the enterprise net-
`work 106. The smart card reader 110 may also be used with
`the personal computer 112, through either a wired or wireless
`connection.
`
`FIG. 2 illustrates the mobile communication device
`[0017]
`102 as an example of a device that may be employed in the
`illustrative communication system 100 of FIG. 1. The mobile
`communication device 102 includes a housing, an input
`device (e. g., a keyboard 224 having a plurality ofkeys) and an
`output device (a display 226), which may be a full graphic, or
`full color, Liquid Crystal Display (LCD). Other types of
`output devices may alternatively be utilized. A processing
`device (a microprocessor 228) is shown schematically in FIG.
`2 as coupled between the keyboard 224 and the display 226.
`The microprocessor 228 controls the operation of the display
`226, as well as the overall operation of the mobile communi-
`cation device 102, in part, responsive to actuation of the keys
`on the keyboard 224 by a user. Notably, the keyboard 224 may
`comprise physical buttons (keys) or, where the display 226 is
`a touchscreen device, the keyboard 224 may be implemented,
`at least in part, as “soft keys”. Actuation of a so-called soft key
`involves either touching the display 226 where the soft key is
`displayed or actuating a physical button in proximity to an
`indication, on the display 226, of a temporary action associ-
`ated with the physical button.
`[0018] The housing may be elongated vertically, or may
`take on other sizes and shapes (including clamshell housing
`structures). Where the keyboard 224 includes keys that are
`associated with at least one alphabetic character and at least
`one numeric character, the keyboard 224 may include a mode
`
`selection key, or other hardware or software, for switching
`between alphabetic entry and numeric entry.
`[0019]
`In addition to the microprocessor 228, other parts of
`the mobile communication device 102 are shown schemati-
`
`cally in FIG. 2. These include: a communications subsystem
`202; a short-range communications subsystem 204; the key-
`board 224 and the display 226, along with other input/output
`devices including a set of auxiliary I/O devices 206, a serial
`port 208, a speaker 210 and a microphone 212; as well as
`memory devices including a flash memory 216 and a Random
`Access Memory (RAM) 218; and various other device sub-
`systems 220. The mobile communication device 102 may be
`a two-way radio frequency (RF) communication device hav-
`ing voice and data communication capabilities. In addition,
`the mobile communication device 102 may have the capabil-
`ity to communicate with other computer systems via the
`Internet.
`
`[0020] Operating system software executed by the micro-
`processor 228 may be stored in a computer readable medium,
`such as the flash memory 21 6, but may be stored in other types
`of memory devices, such as a read only memory (ROM) or
`similar storage element. In addition, system software, spe-
`cific device applications, or parts thereof, may be temporarily
`loaded into a volatile store, such as the RAM 218. Commu-
`nication signals received by the mobile device may also be
`stored to the RAM 218.
`
`[0021] The microprocessor 228, in addition to its operating
`system functions, enables execution of software applications
`on the mobile communication device 102. Executable code
`
`for a predetermined set of software applications that control
`basic device operations, such as a voice communications
`module 230A and a data communications module 230B, may
`be installed on the mobile communication device 102 during
`manufacture. A security module 230C may also be installed
`on the mobile communication device 102 during manufac-
`ture, to implement aspects ofthe present application. As well,
`additional software modules, illustrated as an other software
`module 23 ON, which may be, for instance, a PIM application,
`may be installed during manufacture. The PIM application
`may be capable of organizing and managing data items, such
`as e-mail messages, calendar events, voice mail messages,
`appointments and task items. The PIM application may also
`be capable of sending and receiving data items via the wire-
`less network 104 represented by a radio tower. The data items
`managed by the PIM application may be seamlessly inte-
`grated, synchronized and updated via the wireless network
`104 with the device user’s corresponding data items stored or
`associated with a host computer system.
`[0022] Communication functions, including data and voice
`communications, are performed through the communication
`subsystem 202 and, possibly, through the short-range com-
`munications subsystem 204. The communication subsystem
`202 includes a receiver 250, a transmitter 252 and one or more
`antennas, illustrated as a receive antenna 254 and a transmit
`antenna 256. In addition, the communication subsystem 202
`also includes a processing module, such as a digital signal
`processor (DSP) 258, and local oscillators (LOs) 260. The
`specific design and implementation of the communication
`subsystem 202 is dependent upon the communication net-
`work in which the mobile communication device 102 is
`
`intended to operate. For example, the communication sub-
`system 202 of the mobile communication device 102 may be
`designed to operate with the MobitexTM, DataTACTM or Gen-
`eral Packet Radio Service (GPRS) mobile data communica-
`
`IPR2019-00614 Page 00009
`
`IPR2019-00614 Page 00009
`
`

`

`US 2010/0138914 A1
`
`Jun. 3, 2010
`
`tion networks and also designed to operate with any of a
`variety of voice communication networks, such as Advanced
`Mobile Phone Service (AMPS), Time Division Multiple
`Access (TDMA), Code Division Multiple Access (CDMA),
`Personal Communications Service (PCS), Global System for
`Mobile Communications (GSM), Enhanced Data rates for
`GSM Evolution (EDGE), Universal Mobile Telecommunica-
`tions System (UMTS), Wideband Code Division Multiple
`Access (W-CDMA), etc. Other types of data and voice net-
`works, both separate and integrated, may also be utilized with
`the mobile communication device 102.
`
`[0023] Network access requirements vary depending upon
`the type of communication system. Typically, an identifier is
`associated with each mobile device that uniquely identifies
`the mobile device or subscriber to which the mobile device
`
`has been assigned. The identifier is unique within a specific
`network or network technology. For example, in MobitexTM
`networks, mobile devices are registered on the network using
`a Mobitex Access Number (MAN) associated with each
`device and in DataTACTM networks, mobile devices are reg-
`istered on the network using a Logical Link Identifier (LLI)
`associated with each device. In GPRS networks, however,
`network access is associated with a subscriber or user of a
`
`device. A GPRS device therefore uses a subscriber identity
`module, commonly referred to as a Subscriber Identity Mod-
`ule (SIM) card, in order to operate on a GPRS network.
`Despite identifying a subscriber by SIM, mobile devices
`within GSM/GPRS networks are uniquely identified using an
`International Mobile Equipment Identity (IMEI) number.
`[0024] When required network registration or activation
`procedures have been completed, the mobile communication
`device 102 may send and receive communication signals over
`the wireless network 104. Signals received from the wireless
`network 104 by the receive antenna 254 are routed to the
`receiver 250, which provides for signal amplification, fre-
`quency down conversion, filtering, channel selection, etc.,
`and may also provide analog to digital conversion. Analog-
`to-digital conversion of the received signal allows the DSP
`258 to perform more complex communication functions,
`such as demodulation and decoding. In a similar manner,
`signals to be transmitted to the wireless network 104 are
`processed (e.g., modulated and encoded) by the DSP 258 and
`are then provided to the transmitter 252 for digital to analog
`conversion, frequency up conversion, filtering, amplification
`and transmission to the wireless network 104 (or networks)
`via the transmit antenna 256.
`
`In addition to processing communication signals,
`[0025]
`the DSP 258 provides for control of the receiver 250 and the
`transmitter 252. For example, gains applied to communica-
`tion signals in the receiver 250 and the transmitter 252 may be
`adaptively controlled through automatic gain control algo-
`rithms implemented in the DSP 258.
`[0026]
`In a data communication mode, a received signal,
`such as a text message or web page download, is processed by
`the communication subsystem 202 and is input to the micro-
`processor 228. The received signal is then further processed
`by the microprocessor 228 for output to the display 226, or
`alternatively to some auxiliary I/O devices 206. A device user
`may also compose data items, such as e-mail messages, using
`the keyboard 224 and/or some other auxiliary I/O device 206,
`such as a touchpad, a rocker switch, a thumb-wheel, a track-
`ball, a touchscreen, or some other type of input device. The
`composed data items may then be transmitted over the wire-
`less network 104 via the communication subsystem 202.
`
`In a voice communication mode, overall operation
`[0027]
`of the device is substantially similar to the data communica-
`tion mode, except that received signals are output to a speaker
`210, and signals for transmission are generated by a micro-
`phone 212. Alternative voice or audio I/O subsystems, such as
`a voice message recording subsystem, may also be imple-
`mented on the mobile communication device 102. In addi-
`
`tion, the display 226 may also be utilized in voice communi-
`cation mode, for example, to display the identity of a calling
`party, the duration of a voice call, or other voice call related
`information.
`
`[0028] The short-range communications subsystem 204
`enables communication between the mobile communication
`
`device 102 and other proximate systems or devices, which
`need not necessarily be similar devices. For example, the
`short-range communications subsystem 204 may include an
`infrared device and associated circuits and components, or a
`BluetoothTM communication module to provide for commu-
`nication with similarly-enabled systems and devices. For
`example, the smart card reader 110 may be enabled to com-
`municate with the mobile device 102 by way of the short-
`range communications subsystem 204.
`[0029] Reference is next made to FIG. 3, which shows, in
`greater detail, an example embodiment ofa secondary mobile
`device, namely the smart card reader 11 0. The smart card
`reader 11 0 includes a controller including at least one micro-
`processor 310, which is suitably programmed to control the
`overall operation and functions of the smart card reader 110,
`and an output device (e.g., a display module 312). The smart
`card reader 110 further includes peripheral devices or sub-
`systems such as a flash memory 314, a random access
`memory (RAM) 316, a serial port 318 (e.g., a USB port), a
`short-range communications subsystem 320 (e.g., an infrared
`transceiver, wireless bus protocol such as a Bluetooth system
`or any other means of local communications), a storage com-
`ponent interface 322 (e.g., for a memory card or any other
`data storage device), a user input device 324 (e.g., a push
`button), and a biometric information input device 325 (e.g., a
`fingerprint sensor).
`[0030] A fingerprint sensor generally comprises an elec-
`tronic device used to capture a digital image of a fingerprint
`pattern. The captured digital image is called a live scan. As
`part of configuring a fingerprint access system, a live scan
`may be digitally processed to create a biometric template,
`which is stored and used for later matching. A future live scan
`may be similarly digitally processed to create a biometric
`candidate in a format that facilitates matching with the pre-
`viously captured and stored biometric template. Some of the
`more commonly used fingerprint
`sensor
`technologies
`include: optical; ultrasonic; and capacitance.
`[0031] One example fingerprint sensor has a bar shape. A
`silicon sensor constructs a fingerprint as a user swipes a finger
`across the bar. Another example fingerprint sensor has a pad
`shape. A sensor constructs a fingerprint as a user holds a finger
`on the pad, which is designed with a size to accommodate an
`entire fingerprint.
`[0032] The microprocessor 310 operates under stored pro-
`gram control with code or firmware being stored in the flash
`memory 314 (or other type of non-volatile memory device or
`devices). As depicted in FIG. 3, the stored programs include
`an operating system program or code module 326 and other
`programs or software applications indicated generally by ref-
`erence 328. The operating system 326 ofthe smart card reader
`110 further includes a memory card driver component 330.
`
`IPR2019-00614 Page 00010
`
`IPR2019-00614 Page 00010
`
`

`

`US 2010/0138914 A1
`
`Jun. 3, 2010
`
`The memory card driver 330 is responsible for coordinating
`communications between the smart card reader 110 and a
`
`memory card 334 and/or between the smart card reader 110
`and related drivers of a device to be used in conjunction with
`the smart card reader 110, such as the drivers 244 of the
`personal computer 112. The operating system code 326, code
`for specific software applications 328, code for the memory
`card driver 330, or code components thereof, may be tempo-
`rarily loaded into a volatile storage medium such as the RAM
`316. Received communication signals and other data with
`information may also be stored in the RAM 316. Addition-
`ally, the storage component interface 322 receives the remov-
`able memory card 334, providing additional storage space for
`the smart card reader 110. In one embodiment, the memory
`card 334 may be a smart card similar to the smart cards known
`to those skilled in the art. The memory card 334 may include
`fingerprint authentication data, password or pin code related
`data, or other security related data. While operation of the
`smart card reader 110 is described using a smart card, it will
`be understood by those skilled in the art that the smart card
`reader 110 may be designed using any suitable form of
`removable media without departing from the intended scope
`of the smart card reader 110.
`
`[0033] The stored program control (e.g., operating system
`326, software applications 328) for the microprocessor 310
`also includes a predetermined set of applications or code
`components or software modules that control basic device
`operations, for example, management and security related
`control of the data of the smart card reader 110 and may be
`installed on the smart card reader 110 as a component of the
`software applications 328 during the manufacturing process.
`Further applications may also be loaded (i.e., downloaded)
`onto the smart card reader 110 through the operation of the
`serial port 318, the operation of the short-range communica-
`tions subsystem 320 or from the smart card 334. The down-
`loaded code module or components are then installed by the
`user (or automatically) in the non-volatile program memory
`(e.g., the flash memory 314) or the RAM 316.
`[0034] The serial port 318 may comprise a USB-type inter-
`face port for interfacing or synchronizing with another
`device, such as the personal computer 112 or the mobile
`device 102. The serial port 318 is used to exchange data with
`a device such as the personal computer 112 to be stored on the
`smart card 334 that is plugged into the storage component
`interface 322 ofthe smart card reader 110. The serial port 318
`is also used to extend the capabilities of the smart card reader
`110 by providing for information or software downloads,
`including any user interface information, to the smart card
`reader 110.
`
`In various example embodiments, the short-range
`[0035]
`communications subsystem 320 provides an interface for
`communication between the smart card reader 110 and the
`
`personal computer 112 or the mobile device 102. In one
`embodiment,
`the short-range communications subsystem
`320 includes an infrared communication link or channel. In
`
`another embodiment, the subsystem 320 comprises a wireless
`RF bus protocol such as a BluetoothTM communications sub-
`system. However,
`the short-range communications sub-
`system 320 may comprise any suitable local wireless means
`of communication, so long as the short range communica-
`tions subsystem 232 of the personal computer 112 is chosen
`to operate using the same protocol, which may for example
`facilitate wireless communication between the personal com-
`puter 112 and the smart card reader 110. Any suitable com-
`
`munications mechanism and/or protocol may be imple-
`mented for the short range communications subsystems 320
`and 204.
`
`In information technology, biometric authentication
`[0036]
`refers to technologies that measure and analyze human physi-
`cal and behavioral characteristics for authentication pur-
`poses. Examples of physical characteristics include finger-
`prints, eye retinas and irises,
`facial patterns and hand
`measurements, while examples of mostly behavioral charac-
`teristics include signature, gait and typing patterns. Voice is
`considered a mix of both physical and behavioral character-
`istics. However, it can be argued that all biometric traits share
`physical and behavioral aspects.
`[0037] The use of a biometric authentication system begins
`with the collection and storage of template biometrics from
`potential users of the biometric authentication system. At the
`time of desired authentication, the user inputs, to a device (or
`to a peripheral to the device), a “candidate” biometric. Match-
`ing algorithms are then used to compare previously stored
`template biometrics against the candidate biometric. In the
`case where the biometric is an image, an original image
`(template) may be directly compared with a candidate image.
`Alternatively, formation of the template involves identifying
`certain features of an original image. Once the features are
`identified, the template may be formed of location and orien-
`tation information for each of the features. Similarly, a can-
`didate is formed by identifying certain features of a candidate
`image and, subsequently, the template is compared to the
`candidate.
`
`In one application, biometric authentication may be
`[0038]
`used for authenticating the user of a mobile communication
`device.
`
`In some enhanced security embodiments, in order
`[0039]
`for a user to use some or all of the functionality of the mobile
`device 102, the mobile device 102 must be in at least periodic
`communication with its associated smart card reader 110
`
`through the mobile device short-range communications sys-
`tem 204 to receive authorization information stored on the
`
`memory card 334. The authorization information stored on
`the memory card 334 will typically include unique authenti-
`cation information for a designated user of the mobile device
`102, such as biometric templates and/or further authentica-
`tion information such as passwords, etc. Such a configuration
`mitigates against unauthorized use when the mobile device
`102 becomes separated (i.e., out of communications range)
`from the smart card reader 110 with which the mobile device
`
`102 has been paired. According to example embodiments, in
`addition to providing enhanced security functionality, the
`smart card reader 110 is also used to backup data from the
`mobile device 100.
`
`[0040] The auxiliary I/O devices 206 of the mobile device
`102 may include “convenience keys”. Such convenience keys
`may be positioned at specific locations about the housing of
`the mobile device 102. In operation, the convenience keys
`may each be mapped to a function. For instance, actuation of
`one convenience key may launch a web browsing application
`on the mobile device 102. Actuation of another convenience
`
`key may cause a menu to appear on the display 226, where the
`menu allows the user to select a notification profile different
`from the notification profile currently in use. As is known, a
`notification profile may be used to define a manner in which
`the mobile device 102 notifies the user of various events. The
`
`events may include an incoming telephone call, a recently
`received e-mail message, a recently received Short Messag-
`
`IPR2019-00614 Page 00011
`
`IPR2019-00614 Page 00011
`
`

`

`US 2010/0138914 A1
`
`Jun. 3, 2010
`
`ing Service message, a recently received Instant Messaging
`message, an alert that an appointment time is imminent, a
`reminder of a due task, etc. One profile may be used in noisy
`environments and may be defined such that the user is alerted
`using a combination of loud noises and vibrations. Addition-
`ally, another profile may be used in quiet environments and
`may be defined such that a user is not alerted at all.
`[0041] Through the use of convenience keys, execution of
`specific applications can be launched by a single action, e.g.,
`a key press on a convenience key, rather than a series of
`actions, e.g., an actuation to bring up the display of a menu, an
`actuation to scroll through the menu to find a menu item
`associated with the desired application and a further actuation
`to select the desired application.
`[0042] Many people opt for a holster to hold the handheld
`computing device in a manner that allows the handheld com-
`puting device and holster combination to be attached to a belt
`around the waist ofthe user or attached to the outside of a bag.
`[0043] Typical components of a handheld computing
`device include an output device, such as a display screen, an
`input device, such as a keypad, and a battery, to allow opera-
`tion away from fixed power sources. To minimize power use,
`many handheld co