US 9,235,700 B1
`(10) Patent No.:
`a2) United States Patent
`Brown
`(45) Date of Patent:
`*Jan. 12, 2016
`
`
`US009235700B1
`
`(54) HYBRID DEVICE HAVING A PERSONAL
`DIGITAL KEY AND RECEIVER-DECODER
`CIRCUIT AND METHODS OF USE
`
`(71) Applicant: Proxense, LLC, Bend, OR (US)
`
`(72)
`
`Inventor: David L. Brown, Jupiter, FL (US)
`
`(73) Assignee: Proxense, LLC, Bend, OR (US)
`
`(*) Notice:
`
`Subject to any disclaimer, the term ofthis
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 0 days.
`This patent is subject to a terminal dis-
`claimer.
`
`(21) Appl. No.: 14/677,893
`(22) Filed
`Apr.
`2, 2015
`iled:
`2,
`
`pr.
`
`Related U.S. Application Data
`(63) Continuation of application No. 14/171,705, filed on
`Feb. 3. 2014. now Pat. No. 9.049.188. which is a
`continuation of application No. 13/445 825 filed on
`Apr. 12, 2012, now Pat. No. 8,646,049 which is a
`continuation of application No. 12/329 329 filed on
`Dec. 5. 2008. now Pat. No. 8.171.528. _—
`°
`°
`_
`(60) Provisional application No. 60/992,953, filed on Dec.
`6, 2007.
`
`(51)
`
`Int. Cl.
`G06F 21/00
`GO6F 21/35
`HOAL 29/08
`GO6F 21/32
`HO4L 29/06
`HO4AW 12/06
`HO4AW 12/08
`
`(2013.01)
`(2013.01)
`(2006.01)
`(2013.01)
`(2006.01)
`(2009.01)
`(2009.01)
`
`100
`
`(52) U.S. CL
`CPC wee G06F 21/35 (2013.01); GO6F 21/32
`(2013.01); HO4E 63/0853 (2013.01); HO4L
`63/0861 (2013.01); HO4L 67/10 (2013.01);
`HO4AW 12/06 (2013.01); HO4W 12/08 (2013.01)
`(58) Field of Classification Search
`USPC ooeeecicccsecsscnseseesseseeseeseeeeeeeeseeeaeeaesseseeseees 726/3
`See application file for complete search history.
`
`(56)
`
`References Cited
`U.S. PATENT DOCUMENTS
`
`2007/0271194 AL* 11/2007 Walker ............. G06Q 50/188
`705/80
`
`* cited by examiner
`
`Primary Examiner — Jason Lee
`(74) Attorney, Agent, or Firm — Patent Law Works LLP
`(57)
`ABSTRACT
`A hybrid device includes a personaldigital key (PDK) anda
`recelver-decoder circuit (RDC). The PDI and RDC of the
`hybrid device are coupled for communication with each
`other. In one embodiment, the hybrid device also provides a
`physical interconnect for connecting to other devices to send
`and receive control signals and data, and receive power. The
`hybrid device operates in one of several modes including,
`PDKonly, RDC only, or PDK and RDC. This allowsa variety
`of system configurations for mixed operation including:
`PDK/RDC, RDC/RDC or PDK/PDK.The present invention
`also includes a numberof system configurations for use ofthe
`hybrid device including: use of the hybrid device in a cell
`phone; simultaneous use of the PDK and the RDC function-
`ality of hybrid device; use of multiple links of hybrid device
`to generate an authorization signal, use ofmultiple PDK links
`to the hybrid device to generate an authorization signal; and
`use of the hybrid device for authorization inheritance.
`
`20 Claims, 15 Drawing Sheets
`
`PDK 102
`
`Service
`Blk 112A
`112B
`112C
`
`Application 120A
`Sensor 108
`
`
`Biometrics
`104
`
`Petitioner’s Ex. 1001 , Page 1
`
`Petitioner’s Ex. 1001 , Page 1
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 1 of 15
`
`US 9,235,700 B1
`
`YO}uoneoddy
`
`
`
`80}JOSUeSZO4dd
`
`|Ol
`asbt|gh)
`soUJewolg
`V8}Aey
`SSa00y
`
`ASL
`
`vol
`
`BIAS
`
`Vell4g
`
`Petitioner’s Ex. 1001 , Page 2
`
`Petitioner’s Ex. 1001 , Page 2
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 2 of 15
`
`US 9,235,700 B1
`
`Transceiver
`
`Wireless
`
`Application
`
`o A2S&®= P
`
`}
`
`FIG.2
`
`etitioner’s Ex. 1001 , Page 3
`
`Petitioner’s Ex. 1001 , Page 3
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 3 of 15
`
`US 9,235,700 B1
`
`MOMJON
`
`OL}
`
`80€
`
`
`
`90BL9}U|Z0¢
`
`
`
`JOMJON(s)apeoy
`
`oujowolg
`
`
`
`80]JoSuaS
`
`JOUODZLE
`
`(SnyeySWOdO/|
`
`JOSS80014
`
`90€
`
`€Old
`
`Petitioner’s Ex. 1001 , Page 4
`
`Petitioner’s Ex. 1001 , Page 4
`
`
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 4 of 15
`
`US 9,235,700 B1
`
`uoneoiddy
`
`WA!
`
`
`
`Koysseooy
`
`ast
`
`
`
`OLSS9IA9qSUO|EPUE}S/Od
`
`
`
`QQ}Josuas
`
`ZOMd
`
`ssaooy
`
`V8LLAey
`
`ashl
`
`A8bI
`
`Q0IMaS
`
`VollAIG
`
`deb}
`
`Ocht
`
`vols
`
`Petitioner’s Ex. 1001 , Page 5
`
`Petitioner’s Ex. 1001 , Page 5
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 5 of 15
`
`uoneaiddy
`
`0Z1
`
`Keysssooy
`
`asl
`
`uoneoyddy
`
`é0l4dd
`
`
`
`BOING[BUIOIX
`
`
`
`CLGSDIABPOXJOMJON/Od
`
`90}Josues
`
`QdINaS
`
`VebbIg
`
`dell
`
`Zbl
`
`US 9,235,700 B1
`
`GOls
`
`Petitioner’s Ex. 1001 , Page 6
`
`Petitioner’s Ex. 1001 , Page 6
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 6 of 15
`
`US 9,235,700B1
`
`1Z0Z)ddy
`
`VellAey
`
`gel)Aey
`
`£707)ddy
`
`gel}Aey
`
`6Z20¢)GayAMOZLddyAcOlMdd
`SO1AsOddINOS
`4gL)Aoy||O8LtAe
`CANE|LA0ZIL
`ddyddy
`EgVelbXd
`Z801
`
`GZOSL}Aey
`
`9Old
`
`cbt
`
`xoz)ddy
`
`OSL}Aey
`
`Adzddy
`
`OSL}Aey
`
`Petitioner’s Ex. 1001 , Page 7
`
`Petitioner’s Ex. 1001 , Page 7
`
`
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 7 of 15
`
`US 9,235,700 B1
`
`
`
`Network
`
`oOOo
`M
`i)
`
`NN
`
`=@
`
`2
`P=
`
`DD
`£mca
`8wn”
`
`a=
`
`
`
`<L=i
`
`ss)
`So
`S—!
`
`Coordinator RFCell
`
`Standalone Unit
`
`
`
`
`
`0¢2 WAS
`
`FIG.7
`
`720E
`
`aa
`Qa
`
`f 2°=D~
`
`ToExternal
`
`
`
`ThirdPartyApps720D
`
`Petitioner’s Ex. 1001 , Page 8
`
`Petitioner’s Ex. 1001 , Page 8
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 8 of 15
`
`
`
`
`US 9,235,700 B1
`
`FIG. 8
`
`FIG. 9
`
`Petitioner’s Ex. 1001 , Page 9
`
`Petitioner’s Ex. 1001 , Page 9
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 9 of 15
`
`US 9,235,700 B1
`
`
`$2919¥dd0901,SH9yOU)VHOTY
`Losuas]|JOJEUIPIOOS|UONeoOdy
`|g0SOliYoOsol(|uoynq)wale
`
`
`
`JES/)OLOL
`
`
`
`|,uoyNnqsassavd
`
`
`
`g0Z0120201
`
`BdIMOSOE)
`
`sJegjoJo}eJ9dOOPO]
`
`|uoyN
`
`OlSls
`
`Petitioner’s Ex. 1001 , Page 10
`
`
`
`
`
`Petitioner’s Ex. 1001 , Page 10
`
`
`
`
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 10 of 15
`
`US 9,235,700 B1
`
`OTHER
`
`DEVICE
`
`1106
`
`c
`
`No
`
`O=
`
`FIG.11
`
`Petitioner’s Ex. 1001 , Page 11
`
`— M2>@
`
`OQ
`S—
`2a
`
`Petitioner’s Ex. 1001 , Page 11
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 11 of 15
`
`US 9,235,700 B1
`
`
`
`
`
`C0CL9U0Ud[18D
`
`&20Ldd ep0eOGY4201Wdd
`
`Aayyeg9sjueuodwoy
`
`U0[18D
`
`élOld
`
`PIEDWIS
`
`9021
`
`Petitioner’s Ex. 1001 , Page 12
`
`Petitioner’s Ex. 1001 , Page 12
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 12 of 15
`
`US 9,235,700 B1
`
`RDC3045
`
`wt
`)—
`
`2o
`
`FIG.13
`
`
`HybridDevice1102
`
`RDC304a
`
`1302
`
`PDK102b
`
`1300
`
`Petitioner’s Ex. 1001 , Page 13
`
`Petitioner’s Ex. 1001 , Page 13
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 13 of 15
`
`US 9,235,700 B1
`
`qr0eOdy
`
`
`
`TWNOIS31EVNA
`
`9071
`
`&201Wdd
`
`edeOdy
`
`0Or|
`
`q20l4dd
`
`vlSls
`
`Petitioner’s Ex. 1001 , Page 14
`
`Petitioner’s Ex. 1001 , Page 14
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 14 of 15
`
`US 9,235,700 B1
`
`1500
`
`
`
`ENABLESIGNAL
`
`N3
`
`S—
`
`© a P
`
`RDC304a
`
`FIG.15
`
`etitioner’s Ex. 1001 , Page 15
`
`— w
`
`o L>o
`
`D
`OQ
`
`oO—
`
`Petitioner’s Ex. 1001 , Page 15
`
`

`

`U.S. Patent
`
`Jan. 12, 2016
`
`Sheet 15 of 15
`
`US 9,235,700 B1
`
`qv0eOdy
`
`c091
`
`
`
`
`
`SUBTOYU]SONOS
`
`PUQAHqZ0}Mdd
`QZOL1SdlAdq
`
`
`CLO)SUEOYU]BIIAISSSOURWSUU]ainjeds
`
`
`
`
`JOIySS8D9V|4-1AA|JUNODOY
`||8DLIVHEDWPasD
`
`
`
`BdIIMOS!4-IMW/O0Y
`
`[19DcJOYHEDWPAD
`¢JUNODDY
`
`ssoooyg‘dwo5
`
`
`
`PIG)SQueWeyuyony
`
`
`
`
`
`sseooyy‘dwo9
`
`Petitioner’s Ex. 1001 , Page 16
`
`Petitioner’s Ex. 1001 , Page 16
`
`

`

`US 9,235,700 B1
`
`1
`HYBRID DEVICE HAVING A PERSONAL
`DIGITAL KEY AND RECEIVER-DECODER
`CIRCUIT AND METHODSOF USE
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`The present application claims priority under 35 U.S.C.
`§120 to U.S. patent application Ser. No. 14/171,705 entitled
`“Hybrid Device Having a Personal Digital Key and Receiver
`Decoder Circuit and Method of Use,” filed Feb. 3, 2014,
`which claimspriority under 35 U.S.C. §120 to US. patent
`application Ser. No. 13/445,825 entitled “Hybrid Device
`Having a Personal Digital Key and Receiver Decoder Circuit
`and Methodof Use,” filed Apr. 12, 2012, now U.S. Pat. No.
`8,646,042, which claims priority under 35 U.S.C. §120 to
`US. patent application Ser. No. 12/329,329 entitled “Hybrid
`Device Having a Personal Digital Key and Receiver Decoder
`Circuit and MethodofUse,”filed Dec. 5, 2008, now U.S. Pat.
`No. 8,171,528, which claims the benefit of priority under 35
`USS.C. §119(e) of U.S. Provisional Application No. 60/992,
`953 entitled “Reverse Prox,”filed on Dec. 6, 2007 by David L.
`Brown, John J. Giobbi and FredS. Hirt. The entire contents of
`all of the foregoing are incorporated by reference herein.
`Applicants hereby notify the USPTO thatthe claimsof the
`present application are different from those of the aforemen-
`tioned related applications. Therefore, Applicant rescinds any
`disclaimer of claim scope made in the parent application,
`grandparent application or any other predecessor application
`in relation to the present application. The Examineris there-
`fore advised that any such disclaimerandthe cited reference
`that it was made to avoid may needto berevisited atthis time.
`Furthermore, the Examiner is also reminded that any dis-
`claimer made in the present application should not be read
`into or against the parent application, the grandparent appli-
`cation or any otherrelated application.
`
`BACKGROUND
`
`1. Field of Art
`
`Theinvention generally relates to personal digital keys and
`corresponding sensors, capable of proximity detection/loca-
`tion determination and auxiliary data services/application
`services. Still more particularly, the present invention relates
`to a hybrid device including a personal digital key (PDK) and
`a receiver-decoder circuit (RDC) and methods for using
`same.
`
`2. Description of the Related Art
`Proximity sensors and location tracking are technologies
`with many applications. For example, proximity sensors can
`be used to provide secure access to physical and/or digital
`assets, based on biometrics, passwords, PINS, or other types
`of authentication. Proximity sensors typically have advan-
`tages of being less cumbersome, easier to use, and more
`flexible in form factor and implementation. Proximity sensors
`can be used to control access to resources and/orto authenti-
`
`cate individuals, for example.
`Onepossible application that can take advantage of prox-
`imity sensors is location tracking RFID tracking is one
`example. In RFID, RFID tags are attached to objects to be
`tracked. RFID readers then interact with the RFID tags to
`determine the location of the tag. Regardless of how it is
`accomplished, location tracking (i.e., knowledge about the
`location of an object or person) is generally useful. For
`example, location tracking information can be used to track
`inventory andtrace the route of objects through various loca-
`tions. It can be used for time and motion studies. If tags are
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`attached to people, then tracking of people can be used to
`better understand their behavior. Knowledge about a person’s
`location (and/ortheirpast locations and projected future loca-
`tions) could be used to provide better services to that person.
`However, most proximity systems and location tracking
`systems have limited capabilities. Typically, the proximity
`sensor, RFID tag or similar device is a dumb device, in the
`sense that the device is designed andhasthe capability only to
`report its location. For example, such devices typically do not
`have the capabilities to run different applications or to even
`interact with different applications. Furthermore, these sys-
`tems typically are proprietary and narrowly tailored for a
`specific situation, thus preventing easy expandability to other
`situations or third party applications.
`
`SUMMARY
`
`Various drawbacks of the prior art are overcomeby pro-
`viding a hybrid device including a personal digital key (PDK)
`and a receiver-decoder circuit (RDC). The PDK and RDC of
`the hybrid device are coupled for communication with each
`other. In one embodiment, the hybrid device also provides a
`physical interconnect for connecting to other devices to send
`and receive control signals and data, and receive power. The
`hybrid device operates in one of several modes including,
`PDKonly, RDC only, or PDK and RDC. This allowsa variety
`of system configurations for mixed operation including:
`PDK/RDC, RDC/RDC or PDK/PDK.The present invention
`also includes a numberof system configurations for use ofthe
`hybrid device including: use of the hybrid device in a cell
`phone; simultaneous use of the PDK and the RDC function-
`ality of hybrid device; use of multiple links of hybrid device
`to generate an authorization signal, use ofmultiple PDKlinks
`to the hybrid device to generate an authorization signal; use of
`the hybrid device for authorization inheritance and use of the
`hybrid device for automatically disabling a service or feature.
`Other aspects of the invention include systems and com-
`ponents corresponding to the above, and methods corre-
`spondingto all of the foregoing.
`
`BRIEF DESCRIPTION OF THE FIGURES
`
`FIG.1 is a block diagram illustrating one embodimentof a
`system according to the invention.
`FIG.2 is a block diagram illustrating one embodimentof a
`Personal Digital Key (PDK).
`FIG.3 is a block diagram illustrating one embodimentof a
`sensor.
`
`FIGS. 4-6 are block diagramsillustrating further embodi-
`ments of systems accordingto the invention.
`FIG.7 is a block diagram illustrating one embodimentof a
`system with networked sensors.
`FIGS. 8-9 are block diagramsillustrating operation of the
`system in FIG. 7.
`FIG.10 is a diagram illustrating operation of the system in
`FIG.7.
`
`FIG. 11 is a block diagram of one embodimentof a hybrid
`device in accordance with the present invention.
`FIG. 12 is a block diagram of one embodimentof a system
`in which the hybrid device is part of a cell phone in accor-
`dance with the present invention.
`FIG. 13 is a block diagram of one embodimentof a system
`using the PDK and the RDC functionality of hybrid device in
`accordance with the present invention.
`FIG. 14 is a block diagram of one embodimentof a system
`using the multiple links ofhybrid device to generate an autho-
`rization signal in accordance with the present invention.
`Petitioner’s Ex. 1001 , Page 17
`
`Petitioner’s Ex. 1001 , Page 17
`
`

`

`US 9,235,700 B1
`
`3
`FIG.15 is a block diagram of one embodimentof a system
`using the multiple PDK links to the hybrid device to generate
`an authorization signal in accordance with the present inven-
`tion.
`
`FIG.16 is a block diagram of one embodimentof a system
`using the hybrid device for authorization inheritance in accor-
`dance with the present invention.
`The figures depict various embodiments of the present
`invention for purposesofillustration only. One skilled in the
`art will readily recognize from the following discussion that
`alternative embodimentsof the structures and methodsillus-
`
`trated herein may be employed without departing from the
`principles of the invention describedherein.
`
`DETAILED DESCRIPTION
`
`FIG. 1 is a high level block diagram illustrating a system
`for allowing access to multiple applications(or services). The
`system 100 comprises a Personal Digital Key (PDK) 102, a
`sensor 108, a network 110 and one or more applications 120
`(including services). The sensor 108 is coupled to the PDK
`102 by a wireless link 106 and coupled to a network 110 by
`either a wired or wireless link. In this example, the applica-
`tions 120 are also accessed over network 110. The sensor 108
`is also adapted to receive a biometric input 104 from a user
`and is capable of displaying status to a user. In alternative
`embodiments, different or additional resources and databases
`may be coupled to the network 110, including for example
`registries and databases used for validation or to check vari-
`ous registrations of the user. In another embodiment, the
`sensor 108 operates as a standalone device without a connec-
`tion to the network 110.
`
`10
`
`15
`
`20
`
`25
`
`30
`
`The PDK 102 includes multiple service blocks 112A-N as
`described in moredetail in FIG. 2. Each service block 112 is
`
`35
`
`accessed using a correspondingservice block access key 118.
`In this example, the sensor 108 contains three of the service
`block access keys 118A, D, F. The service block access keys
`118 allow the sensor 108 to unlock information stored in the
`corresponding service blocks 112, which information is used
`as local secured information.
`In one example, a biometric is required in order to access
`specific service blocks 112 in the PDK 102. Verification ofthe
`biometric is achieved by using service block 112A. The sen-
`sor 108 stores the corresponding service block access key
`118A and usesthis key to unlock the biometric service block
`112A, whichstores a valid biometric. A current biometric is
`received using biometric input 104. The sensor 108 then
`verifies the stored biometric (from service block 112A)
`against the recently acquired biometric (from input 104).
`Upon properverification, various applications 120 are per-
`mitted to connectto the PDK 102 via the sensor 108 and/or to
`
`gain access to other service blocks 112.
`The system 100 can be used to address applications 120
`where it is important to authenticate an individual for use.
`Generally, the sensor 108 wirelessly receives information
`stored in the PDK 102 that uniquely identifies the PDK 102
`and the individual carrying the PDK 102. The sensor 108 can
`also receive a biometric input 104 from the individual. Based
`on the received information, the sensor 108 determines if
`access to the application 120 should be granted. In this
`example, the system 100 provides authentication without the
`need for PINs or passwords (although PINs and passwords
`maybe used in other implementations). Moreover, personal
`biometric information need not be stored in any local or
`remote storage database andis only stored on the user’s own
`PDK(in one embodiment).
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`4
`The credibility of the system 100 is ensured by the use of a
`PDK 102 that stores trusted information. The PDK 102is a
`
`compact, portable uniquely identifiable wireless device typi-
`cally carried by an individual. The PDK 102 stores digital
`information in a tamper-proofformat that uniquely associates
`the PDK 102 with an individual. Example embodiments of
`PDKsare described in more detail in U.S. patent application
`Ser. No. 11/292,330, entitled “Personal Digital Key And
`Receiver/Decoder Circuit System And Method”filed on Nov.
`30, 2005; U.S. patent application Ser. No. 11/620,581 entitled
`“Wireless Network Synchronization Of Cells And Client
`Devices On A Network”filed on Jan. 5, 2007; and U.S. patent
`application Ser. No. 11/620,577 entitled “Dynamic Real-
`Time Tiered Client Access”filed on Jan. 5, 2007, the entire
`contents of which are all incorporated herein by reference.
`The sensor 108 wirelessly communicates with the PDK
`102 when the PDK 102is within a proximity zone(i.e., within
`amicrocell) of the sensor 108. The proximity zone can be, for
`example, several meters in radius and preferably can be
`adjusted dynamically by the sensor 108. Thus, in contrast to
`many conventional RF ID devices, the sensor 108 can detect
`and communicate with the PDK 102 without requiring the
`owner to remove the PDK 102 from his/her pocket, wallet,
`purse, etc. Generally, the sensor 108 receives uniquely iden-
`tifying information from the PDK 102 andinitiates an authen-
`tication process for the individual carrying the PDK 102. In
`one embodiment, the sensor 108 is adapted to receive a bio-
`metric input 104 from the individual. The biometric input 104
`comprises a representation of physical or behavioral charac-
`teristics unique to the individual. For example, the biometric
`input 104 can include a fingerprint, a palm print, a retinal
`scan,an iris scan, a photograph,a signature, a voice sample or
`any other biometric information such as DNA, RNA ortheir
`derivatives that can uniquely identify the individual. The sen-
`sor 108 compares the biometric input 104 to information
`received from the PDK 102 to determine authentication.
`
`Alternatively, the biometric input 104 can be obtained by a
`biometric sensor on the PDK 102 and transmitted to the
`sensor 108 for authentication.
`In additional alternative
`embodiment, someorall of the authentication process can be
`performed by the PDK 102 instead of the sensor 108.
`In this example, the sensor 108 is further communicatively
`coupledto the network 110 in orderto receive and/or transmit
`information to remote databases for remote authentication. In
`an alternative embodiment, the sensor 108 includes a non-
`volatile data storage that can be synchronized with one or
`more remote databases or registries. Such an embodiment
`alleviates the need for a continuous connection to the network
`110 and allowsthe sensor 108 to operate ina standalone mode
`and forthe local data storage to be updated when a connection
`is available. For example, a standalone sensor 108 can peri-
`odically download updated registry entries and perform
`authentication locally without any remote lookup.
`In yet another alternative, a standalone sensor 108 may
`have a pre-configured secure access key 118 and encryption
`algorithm, or a variable access key 118 that changes, for
`example based on time and sensor ID. One example applica-
`tion would be a sensor 108 located ina hotel room door, where
`the sensor could constantly compute a different access key
`118 based on time, and the PDK 102 could be associated with
`this key during the hotel registration process.
`The network 110 provides communication between the
`sensor 108 and various validation databases and/orregistries,
`in addition to the applications 120. In one embodiment, the
`network 110 uses standard communications technologies
`and/or protocols. Thus, the network 110 can include links
`using technologies such as Ethernet, 802.11, 802.16, inte-
`Petitioner’s Ex. 1001 , Page 18
`
`Petitioner’s Ex. 1001 , Page 18
`
`

`

`US 9,235,700 B1
`
`5
`grated services digital network (ISDN), digital subscriberline
`(DSL), asynchronous transfer mode (ATM), etc. Similarly,
`the networking protocols used on the network 110 can include
`the transmission control protocol/Internet protocol (TCP/IP),
`the hypertext transport protocol (HTTP), the simple mail
`transfer protocol (SMTP), the file transfer protocol (FTP),
`etc. The data exchanged over the network 110 can be repre-
`sented using technologies and/or formats including the
`hypertext markup language (HTML), the extensible markup
`language (XML), etc. In addition, all or someof links can be
`encrypted using conventional encryption technologies such
`as the secure sockets layer (SSL), Secure HTTP and/orvirtual
`private networks (VPNs). In another embodiment, the entities
`can use custom and/or dedicated data communications tech-
`
`nologies instead of, or in addition to, the ones described
`above.
`
`In one aspect, the sensor 108 may connectto a validation
`database that stores additional information that may be used
`for authorizing a transaction to be processedat the sensor. For
`example, in purchase transactions, the sensor 108 may inter-
`act with a credit card validation database that is separate from
`the merchant providing the sale. Alternatively, a different
`database may be usedto validate different types ofpurchasing
`means such as a debit card, ATM card, or bank account
`number.
`In another aspect, the sensor 108 may connectto various
`registries that store, among other items, PDK,notary, and/or
`sensor information. In one embodiment, a registry stores
`biometric or other types of information in an encoded format
`that can only be recovered using an algorithm or encoding key
`stored in the PDK.Information stored in the registries can be
`accessed by the sensor 108 via the network 110 for use in the
`authentication process. Two basic types of registries are pri-
`vate registries and a Central Registry. Private registries are
`generally established and administered by their controlling
`entities (e.g., a merchant, business authority, or other entity
`administering authentication). Private registries can be cus-
`tom configured to meet the specialized and independent
`needs of each controlling entity. A Central Registry is a
`highly-secured, centrally-located database administered by a
`trusted third-party organization. In one embodiment, all
`PDKs102 are registered with the Central Registry and may be
`optionally registered with one or more selected private regis-
`tries. In alternative embodiments, a different numberor dif-
`ferent types of registries may be coupled to the network 110.
`Theservice blocks 112 can be used for purposesother than
`user authentication. For example, information used or pro-
`duced by an application 120 can be transferred back and forth
`to the corresponding service block 112. That is, each service
`block 112 can be used as a local secure memory for the
`corresponding application 120. Thus, a service 120B may
`store certain sensitive information in service block 112B, and
`a separate service 120C will not be able to access that infor-
`mation without the corresponding access key 118B. In this
`example, the sensor 108 only holds access keys 118A, D, F
`and does not hold access key 118B. The application 120B
`may hold the access key 118B, thus allowing it to access
`service block 112B but preventing application 120C from
`accessing the service block 112B. Note that this implemen-
`tation would also prevent the sensor 108 acting alone from
`accessing the service block 112B.
`Turning now to FIG. 2, an example embodiment of a PDK
`102 is illustrated. The PDK 102 comprises a memory 210,
`control logic 250, wireless application 260 and a transceiver
`270. The PDK 102 can be standaloneas a portable, physical
`device or can be integrated into commonlycarried items. For
`example, a PDK 102 can be integrated into a portable elec-
`
`10
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`6
`tronic device such as a cell phone, Personal Digital Assistant
`(PDA), or GPS unit, an employee identification tag, clothing,
`or jewelry items such as watches, rings, necklaces or brace-
`lets. In one embodiment, the PDK 102 can be, for example,
`aboutthe size ofa Subscriber Identity Module (SIM)card and
`be as small as a squareinch in area orless. In another embodi-
`ment, the PDK 102 can be easily contained in a pocket, ona
`keychain, or in a wallet. The PDK can also contain other
`components not shown, for example various other inputs,
`outputs and/or interfaces (serial or parallel).
`The memory 210 can be a read-only memory, a once-
`programmable memory, a read/write memory or any combi-
`nation of memory types, including physical access secured
`and tamperproofmemories. The memory 210 typically stores
`a unique PDK ID 212. The PDK ID 212 comprises a public
`section and a private section of information, each of which
`can be used for identification and authentication. In one
`
`embodiment, the PDK ID 212 is stored in a read-only format
`that cannot be changed subsequent to manufacture. The PDK
`ID 212 is used as an identifying feature of a PDK 102 and
`distinguishes between PDKs102in private or Central registry
`entries. In an alternative embodiment, the registries can iden-
`tify a PDK 102 by a different ID than the PDK ID 212 stored
`in the PDK 102, or may use both the PDK ID 212 and the
`different ID in conjunction. The PDK ID 212 can also be used
`in basic PDK authentication to ensure that the PDK 102is a
`valid device.
`The memory 210 also stores the various service blocks
`112A-N. Whethera particular service block 112 is stored in
`volatile or non-volatile memory may be determined by the
`specific application. In one approach, the original issuer of
`the PDK defines how the internal memory 210 may be used
`for service blocks 112. In somecases, the issuer may choose
`to only allow their service blocks to be stored, in which case
`third party applications will notbe able to store service blocks
`in memory 210. In other cases, the issuer may allow anythird
`party service 120 to use available service blocks 112. Ifa new
`service block is created, then memory forthat service block is
`allocated. The specific location of the service block and gen-
`eration of the corresponding service block access key can be
`handled by the PDK 102, or can be handled via an external
`service.
`
`Regardless of how created, once created, external applica-
`tions (such as applications 120 in FIG. 1) can gain access to a
`specific service block 112 by proving the corresponding
`access key 118. In FIG. 2, this is shown conceptually by
`control logic 250. The wireless application 260 on the PDK
`102 communicates to the sensor (not shown in FIG. 2) via
`transceiver 270. The wireless application provides a service
`block select 226 and a service block access key 118 in order
`to store, retrieve and/or modify data in a service block 112.
`The selector 252 selects a service block 112 based on the
`
`select signal 226 and the access key 118. The encryption
`engine 254 encrypts/decrypts data 228 flowing to/from the
`service block 112 based on the access key 118 (or some other
`key generated based on the access key, for example a session
`key). In an alternate method, the service block 112 may be
`selected based on the service block access key 118, eliminat-
`ing the need for a separate select signal 226.
`The PDK 102 mayalso include other data and applications.
`For example, the PDK 102 typically will include various
`profiles. Many different types of profiles are possible. A bio-
`metric profile, for example, includesprofile data representing
`physical and/or behavioral information that can uniquely
`identify the PDK owner. A PDK 102 can store multiple bio-
`metric profiles, each comprising a different type of biometric
`information. The same biometric information can also be
`
`Petitioner’s Ex. 1001 , Page 19
`
`Petitioner’s Ex. 1001 , Page 19
`
`

`

`US 9,235,700 B1
`
`7
`stored multiple times in a PDK 102. For example, twodiffer-
`ent applications may use the right index fingerprint, and that
`biometric information may bestored in two different service
`blocks, one for each application. In addition, the PDK 102
`mayalso store one or more biometric profile “samples” asso-
`ciated with each biometric profile. Profiles may also store one
`or more PINSor passwordsassociated with the PDK owner,
`or one or more pictures of the PDK owner. A profile can
`further include personal identification information such as
`name, address, phone number, etc., bank information, credit/
`debit card information, or membership information. This
`information can be useful for transactions.
`The transceiver 270 is a wireless transmitter and receiver
`
`for wirelessly communicating with a sensor 108 or other
`wireless device. The transceiver 270 can send and receive
`
`data as modulated electromagnetic signals. Moreover, the
`data can be encrypted by the transceiver 270 and transmitted
`over a secure link. Further, the transceiver 270 can actively
`send connection requests, or can passively detect connection
`requests from another wireless source. In one embodiment,
`the transceiver 270 is adapted to communicate over a range of
`up to around 5 meters. In another embodiment,the transceiver
`270 range can be varied.
`Turning nowto FIG.3, an example embodiment ofa sensor
`108 is illustrated. The embodiment includes one or more
`
`biometric readers 302, a receiver-decoder circuit (RDC) 304,
`a processor 306, a network interface 308 and an I/O port 312.
`In alternative embodiments, different or additional modules
`can be includedin the sensor 108.
`
`The RDC 304 provides the wireless interface to the PDK
`102. Generally, the RDC 304 wirelessly receives data from
`the PDK 102 in an encrypted format and decodes the
`encrypted data for processing by the processor 306. An
`example embodiment of an RDCis described in US. patent
`application Ser. No. 11/292,330 entitled “Personal Digital
`Key And Receiver/Decoder Circuit System And Method,” the
`entire contents ofwhich are incorporated herein by reference.
`Encrypting data transmitted between the PDK 102 and sensor
`108 minimizes the possibility of eavesdropping or other
`fraudulent activity. In one embodiment, the RDC 304is also
`configured to transmit and receive certain types of informa-
`tion in an unencrypted, or public, format.
`The biometric reader 302 receives and processes the bio-
`metric input 104 from an individual. In one embodiment, the
`biometric reader 302 is a fingerprint scanner. Other embodi-
`ments of biometric readers 302 include retinal scanners, iris
`scanners, facial scanner, palm scanners, DNA/RNA analyz-
`ers, signature analyzers, cameras, microphones, and voice
`analyzers. Furthermore, the sensor 108 can include multiple
`biometric readers 302 of different types.
`The network interface 308 can be a wired or wireless
`communication link between the sensor 108 and network
`110. For example, in one type of authentication, information
`is received from the PDK 102 at the RDC 304, processed by
`the processor 306, and transmitted to external authentication
`databases through the network interface 308. The network
`interface 308 can also receive data sent through the network
`110 for local processing by the sensor 108. In one embodi-
`ment, the network interface 308 provides a connection to a
`remote system administrator to configure the sensor 108
`according to various controlsettings.
`The I/O port 312 provides a general input and output inter-
`face to the sensor 108. The I/O port 312 may be coupledto any
`variety of input devices to receive inputs such as a numerical
`or alphabetic input from a keypad, control settings, menu
`selections, confirmations, and so on. Outputs can include, for
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`8
`example,