PCT
`
`WORLD INTELLECTUAL PROPERTY ORGANIZATION
`International Bureau
`
`
`
`INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT)
`
`(51) International Patent Classification © ;
`HO4L 9/00, H04Q 1/00
`
`(11) International Publication Number:
`.
`_
`(43) International Publication Date:
`
`WO. 99/56429
`
`4 November 1999 (04.11.99)
`
`
`
`(21) International Application Number: PCT/US99/08990|(81) Designated States: AE, AL, AM, AT, AU, AZ, BA, BB, BG,
`BR, BY, CA, CH, CN, CU, CZ, DE, DK, EE, ES, FI, GB,
`GD, GE, GH, GM, HR, HU,ID,IL, IN, IS, JP, KE, KG,
`KP, KR, KZ, LC, LK, LR, LS, LT, LU, LV, MD, MG, MK,
`MN, MW,MX, NO, NZ, PL, PT, RO, RU, SD, SE, SG,SI,
`SK, SL, TJ, TM, TR, TT, UA, UG, UZ, VN, YU, ZA, ZW,
`ARIPO patent (GH, GM, KE, LS, MW, SD, SL, SZ, UG,
`ZW), Eurasian patent (AM, AZ, BY, KG, KZ, MD, RU, TJ,
`TM), European patent (AT, BE, CH, CY, DE, DK,ES, FI,
`FR, GB, GR, IE, IT, LU, MC, NL, PT, SE), OAPI patent
`(BF, BJ, CF, CG, CI, CM, GA, GN, GW, ML, MR, NE,
`SN, TD, TG).
`
`(22) International Filing Date:
`
`26 April 1999 (26.04.99)
`
`(30) Priority Data:
`09/066,643
`09/298,326
`
`24 April 1998 (24.04.98)
`23 April 1999 (23.04.99)
`
`US
`us
`
`(71) Applicant: IDENTIX INCORPORATED [US/US]; 510 North
`Pastoria Avenue, Sunnyvale, CA 94086 (US).
`
`(72) Inventors: SCOTT, John, D.; 9 Pine Valley Road, Galson,
`NSW 2159 (AU). CURTIS, Terence, P.; 10 Selina Avenue,|Published
`Kariong, NSW 2250 (AU).
`With international search report.
`
`(74) Agent: GARCIA, Edouard, A.; Fish & Richardson P.C., Suite
`
`(54) Title: PERSONAL IDENTIFICATION SYSTEM AND METHOD
`
`100, 2200 Sand Hill Road, Menlo Park, CA 94025 (US).
`
`
`
`OPTICS
`UNIT
`
`UNIT
`
`PROCESSOR
`
`MEMORY
`
`RECEIVER
`MODULE
`
`ween de eee eee
`PROCESSING
`UNIT
`
`23
`COMMUNICATION
`
`
`
`
`
`
`HOST FACILITY
`
`CIRCUIT COMMUNICATION UNIT
`
`
`
`
`TRUSTED
`THIRD
`PARTY
`
`
`(57) Abstract
`
`identification device (6) and method for providing secure access to a host facility (4) includes a
`A portable, hand-held personal
`biometric sensor system capable of sensing a biometric trait of a user that is unique to the user and providing a biometric signal indicative
`of the sensed biometric trait. A processing unit responsive to the biometric signal is adapted to compare the biometric signal with stored
`biometric data representative of the biometric trait of an enrolled person that is unique to the enrolled person, and to provide a verification
`signal only if the biometric signal correspondssufficiently to the biometric data to verify that the user is the enrolled person. The verification
`signal (41) includes information indicative of the enrolled person or the device. A communication unit, including a transmitting circuit (28),
`is adapted to transmit the verification signal to a host system (30).
`
`Petitioner's Exhibit 1005, Page 1
`
`Petitioner's Exhibit 1005, Page 1
`
`

`

`Codes used to identify States party to the PCT on the front pages of pamphlets publishing international applications under the PCT.
`Slovenia
`Slovakia
`Senegal
`Swaziland
`Chad
`Togo
`Tajikistan
`Turkmenistan
`Turkey
`Trinidad and Tobago
`Ukraine
`Uganda
`United States of America
`Uzbekistan
`Viet Nam
`Yugoslavia
`
`Zimbabwe
`
`FOR THE PURPOSES OF INFORMATION ONLY
`
`SI
`SK
`SN
`SZ
`TD
`TG
`TJ
`TM
`
`LS
`LT
`LU
`LV
`MC
`MD
`MG
`MK
`
`ML
`MN
`MR
`MW
`MX
`NE
`NL
`NO
`NZ
`
`Lesotho
`Lithuania
`Luxembourg
`Latvia
`Monaco
`Republic of Moldova
`Madagascar
`The former Yugoslav
`Republic of Macedonia
`Mali
`Mongolia
`Mauritania
`Malawi
`Mexico
`Niger
`Netherlands
`Norway
`New Zealand
`Poland
`Portugal
`Romania
`Russian Federation
`Sudan
`Sweden
`Singapore
`
`Albania
`Armenia
`Austria
`Australia
`Azerbaijan
`Bosnia and Herzegovina
`Barbados
`Belgium
`Burkina Faso
`Bulgaria
`Benin
`Brazil
`Belarus
`Canada
`Central African Republic
`Congo
`Switzerland
`Céte d'Ivoire
`Cameroon
`China
`Cuba
`Czech Republic
`Germany
`Denmark
`Estonia
`
`ES
`FI
`FR
`GA
`GB
`GE
`GH
`GN
`GR
`HU
`IE
`IL
`
`it
`JP
`KE
`KG
`KP
`
`KR
`KZ
`Lc
`LI
`LK
`LR
`
`Spain
`Finland
`France
`Gabon
`United Kingdom
`Georgia
`Ghana
`Guinea
`Greece
`Hungary
`Treland
`Israel
`Tceland
`ltaly
`Japan
`Kenya
`Kyrgyzstan
`Democratic People’s
`Republic of Korea
`Republic of Korea
`Kazakstan
`Saint Lucia
`Liechtenstein
`Sri Lanka
`Liberia
`
`
`
`Petitioner's Exhibit 1005, Page 2
`
`Petitioner's Exhibit 1005, Page 2
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`PERSONAL IDENTIFICATION SYSTEM AND METHOD
`
`Background of the Invention
`
`The invention relates to a personal identification system and method for
`
`allowing access to secure facilities.
`
`Some security systems, such as home security systems and door locks,
`
`require a user to enter a fixed code into a device at a host facility before allowing a
`
`person accessto the facility. Other systems, such as automated teller machines
`
`(ATM), require a person to submit an authorized card and also to enter a fixed
`
`10
`
`code that is associated with the person’s bank accounts. Automobile alarms, locks,
`
`and disabling devices, and garage door openers can be operated by pressing a
`
`button on a small remote device to transmit a codedsignal to a receiving unit on
`
`the automobile or garage.
`
`Each of these security systems can be operated by any person whois in
`
`15
`
`possession of the fixed code, the card or the transmitting device, as the case may
`
`be. Therefore, each of these systems is inherently insecure. Where absolute
`
`security is essential, some host facilities employ a biometric sensor to measure a
`
`biometric trait of a person requesting access to the host facility. The biometric trait
`
`is a unique identifier of a person, and can be, for example, a person’s fingerprint,
`
`20
`
`voice pattern, iris pattern, or the like. The requesting person also enters other
`
`identifying information about himself. The measured biometric trait is compared
`
`with stored biometric data associated with the identified person and, if there is a
`
`match, the requesting person is allowed entry or access to the host facility.
`
`In presently available biometric systems, each authorized person registers
`
`25
`
`with the host facility by providing a sample of their biometrictrait, for example, by
`
`having his fingerprint optically scanned into a host system data base. Each host
`
`facility must have a biometric sensor, access to the database of registered persons’
`
`biometric trait registration data, and a processing system capable of quickly
`
`searching the database and conducting the comparison to verify a person’s identity.
`
`30
`
`However, if the set of authorized personsis large, such a system would require a
`
`huge database to store the fingerprint imagesofall the authorized persons, and the
`
`Petitioner's Exhibit 1005, Page 3
`
`Petitioner's Exhibit 1005, Page 3
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`2
`
`identification process would become sloweras the set of authorized persons
`
`increases.
`
`Summary of the Invention
`
`According to one aspect of the invention, a portable personal identification
`
`device for providing secure access to a host facility includes a biometric sensor
`
`system capable of sensing a biometric trait of a user that is unique to the user and
`
`providing a biometric signal indicative thereof. A processing circuit responsive to
`
`the biometric signal is adapted to compare the biometric signal with stored
`
`10
`
`biometric data representative of the biometric trait of an enrolled person that is
`
`indicative of the identity of the enrolled person. The processor provides a
`
`verification signal only if the biometric signal correspondssufficiently to the
`
`biometric data to verify that the user is the enrolled person. The verification signal
`
`is indicative of the enrolled person or the device. A communication unit, including
`
`a transmitter circuit, is adapted to transmit the verification signal to a remote host
`
`system.
`
`In another aspect, the invention features a personal identification system,
`
`comprising: a biometric sensor configured to extract a representation of a
`
`biometric trait of a user; a processor configured to verify the user’s identity based
`
`20
`
`upon a comparison of a representation of a biometric trait extracted from a user
`
`with a stored representation of the biometric trait; and a transmitter configured to
`
`transmit a verification signal indicative of a successful verification of the user’s
`
`identity.
`
`Embodiments may include one or more of the following features. The
`
`25
`
`processor may be configured to process signals received from a global positioning
`
`system (GPS) receiver. The processor may be configured to derive trip information
`
`(e.g.,
`
`the location of the GPS receiver) from the signals received from the GPS
`
`receiver. The processor may be programmable to prompt the user for additional
`
`verification information when the GPS receiver is positioned at a particular
`
`30
`
`location.
`
`The system may include a user input configured to enable a user to enter
`
`trip information, and wherein the processor is configured to process information
`
`Petitioner's Exhibit 1005, Page 4
`
`Petitioner's Exhibit 1005, Page 4
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`3
`
`received from the user. The transmitter may be further configured to transmit
`
`signals representative of stored trip information.
`The biometric sensor, the processor, and the transmitter may be housed
`
`within a portable, hand-held housing. The system may include an input device
`mounted inside a vehicle and coupled to the vehicle’s power system, and wherein
`
`the input device is adapted to receive the verification signal from the transmitter
`and to enable the user to turn on the vehicle only upon receipt of the verification
`
`signal. The housing may have the form of a pocket-sized security badge. The
`housing may be configured to receive a graphical representation of the user.
`The system may include an automatic door locking device coupled to a
`vehicle door (or trunk) and adapted to unlock the door (or trunk)
`uponreceipt of
`
`the verification signal. The system also may include a receiver. The processor
`may be operable to switch the system from a low power operation to a normal
`power operation when the receiver receives a power-up signal from a host system.
`The system also may include a memory configured to store the representation of
`the biometric trait. The memory may be housed within a portable housing
`
`separable from the biometric sensor, processor and transmitter.
`The communication unit preferably is adapted for remote communication
`
`with the host system via a wireless communication medium. The device can
`
`10
`
`15
`
`20
`
`further include a display and a keypad.
`
`The biometric sensor system can include a fingerprint sensor, a voice
`
`sensor, or any other type of biometric sensor. The fingerprint sensor can include a
`platen adapted for placing a finger thereon. The fingerprint sensor can further
`include an optical image sensor, which may include a complementary metal oxide
`semiconductor (CMOS)optical sensor, a charge coupled device (CCD)optical
`sensor, or any other optical sensor having sufficient resolution to provide a signal
`indicative of a fingerprint image.
`In the embodiments with an optical sensor, the
`platen would include an optical platen, and the biometric sensor may also include a
`lens focusing light from the platen onto the optical sensor. The fingerprint sensor
`can alternatively include a direct contact sensor device, such as a capacitive sensor
`chip or thermal sensor chip.
`In these embodiments, the platen would be the surface
`
`of the sensor chip.
`
`25
`
`30
`
`Petitioner's Exhibit 1005, Page 5
`
`Petitioner's Exhibit 1005, Page 5
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`4
`
`The processing unit can include a processor circuit, a memory and an
`
`encoder, wherein the memory stores the biometric data, and wherein the
`
`verification signal includes an encrypted signal encrypted by the encoder.
`
`In one
`
`embodiment, the encoder includes an encoding circuit, and the verification signal
`
`further includes an ID codeindicative of the enrolled person or the device.
`
`In another embodiment, the encoder comprises an encryption algorithm
`
`programmedinto the processor. The encryption algorithm employs a private key
`
`indicative of the enrolled person or the device.
`
`In this embodiment, the
`
`communication unit can further include a receiver circuit. The memory can further
`
`10
`
`store an ID codeindicative of the enrolled person or the device. The processor
`
`unit can be further adapted to first cause the transmitter circuit to transmit an ID
`
`code signal indicative of the ID code to the host system. The receiver circuit can
`
`be adapted to receive a host response signal transmitted by the host system in
`
`response to the ID code signal. The processor unit employs the encryption
`
`15
`
`algorithm and the private key to encrypt the host response signal to create the
`
`verification signal, and causes the transmitter circuit to transmit the verification
`
`signal to the host system only if the biometric signal corresponds sufficiently to the
`
`biometric data to verify that the user is the enrolled person.
`
`In either of these embodiments, the memory can be located in a removable
`
`20
`
`plug-in module, and the personal identification device further includes a socket
`
`adapted to receive the module.
`
`According to another aspect of the invention, a portable, hand-held personal
`
`identification device for providing secure access to a host facility includes a
`
`housing. A fingerprint sensor system in the housing is capable of sensing a
`
`25
`
`fingerprint of a user and providing a fingerprint signal indicative thereof. The
`
`fingerprint sensor system includes a platen on a surface of the housing adapted to
`
`receive a finger. A communication unit in the housing is adapted for wireless
`
`communication with a separate host system. The communication unit includes a
`
`transmitting circuit and a receiving circuit. A slot in the housing receives a
`
`30
`
`removable smart card that includes a memory. The device can be combined with
`
`the smart card. The memory in the smart card stores a fingerprint template
`
`representative of the fingerprint of an enrolled person, and an ID code and a
`
`Petitioner's Exhibit 1005, Page 6
`
`Petitioner's Exhibit 1005, Page 6
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`5
`
`personal encryption key being associated with the device. A processing circuit in
`the device is adapted to cause the ID code signal from memory to be transmitted
`
`by the transmitting circuit. The processing circuit is further adapted to cause a host
`
`response signal received by the receiving circuit signal from the host system in
`
`response to the ID code signal to be encrypted according an encryption algorithm
`
`employing the personal encryption key and to cause the encrypted host response
`
`signal to be transmitted by the transmitting circuit only if the fingerprint signal
`
`correspondssufficiently to the fingerprint template to verify that the user is the
`
`registered person.
`
`10
`
`According to yet another aspect of the invention, a method of providing
`
`secure access to a host facility includes the step of registering one or more persons
`
`with the host facility, including storing a unique ID code and a public encryption
`
`key for each registered person. The method also includes receivingafirst
`
`transmission comprising a first user signal at the host facility, generating and then
`
`15
`
`transmitting a random numbersignal from the host facility only if the first user
`
`signal represents one of the stored ID codes, receiving a second transmission
`
`comprising a second user signal at the host facility, decrypting the second user
`
`signal with the public encryption key associated with the registered person whois
`
`also associated with the stored ID code represented by the first user signal, and
`
`20
`
`providing access to the host facility only if the decrypted second usersignal
`
`represents the random number.
`
`According to still another aspect of the invention, a method of providing
`
`access to a secure host facility only to registered persons includes registering one or
`
`more registered persons with the host system. Registering each registered person
`
`25
`
`includes storing an ID code associated only with a portable hand-held device under
`
`the control of that registered person. The method also includes transmitting an ID
`
`code signal from a portable hand-held device to a host facility of the host system.
`
`The ID codesignal represents an ID code associated with the transmitting device.
`
`Other steps include generating, at the host facility, a random numbersignal
`
`30
`
`representing a random numberin response to the ID code signal only if the ID
`
`code signal is representative of the ID code of the device controlled by one ofthe
`
`registered persons, and retrieving, with the host system, a public key associated
`
`Petitioner's Exhibit 1005, Page 7
`
`Petitioner's Exhibit 1005, Page 7
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`6
`
`with the one of the registered persons only if the ID codesignal is representative of
`the ID code of the one the devices controlled by the one of the registered persons.
`Retrieving the public key can include retrieving the public key from a trusted third
`party. Further steps include transmitting the random numbersignal from the host
`facility to the transmitting device, and receiving the random number signal with the
`transmitting device. The method also includes generating a user fingerprint signal
`representing a fingerprint image of a user’s finger being placed onaplaten of the
`transmitting device, and comparing, with the transmitting device, the user
`fingerprint signal to a fingerprint template stored in the transmitting device,
`wherein the fingerprint template represents a fingerprint image of a person whois
`enrolled with the transmitting device. Other steps include encrypting the random
`numbersignal with the transmitting device, the random number signal being
`encrypted according to an encryption algorithm employing a private key associated
`only with the transmitting device, transmitting the encrypted random numbersignal
`from the transmitting device to the host facility only if the fingerprint image
`represented by the user fingerprint signal correspondssufficiently to the fingerprint
`image represented by the fingerprint template to verify that the useris the enrolled
`person, decrypting the encrypted random number signal with the host system,
`including employing the retrieved public key, and providing the user access to the
`host facility only if the decrypted encrypted random number signal represents the
`
`10
`
`15
`
`20
`
`random number.
`Transmitting the ID codesignal, transmitting the random numbersignal, and
`transmitting the encrypted random numbersignal each can include transmitting via
`a wireless transmission. Transmitting the ID codesignal, transmitting the random
`numbersignal, and transmitting the encrypted random number signal each can
`further include transmitting via at least one of a modem, a cable access TV line,
`and a computer communication medium.
`In yet another aspect of the invention, a method of providing a secure
`function at a host facility only to a registered person includes registering a person
`with the host facility by storing an ID code associated only with a portable
`registered device controlled by the registered person, learning a synchronization
`counter of the registered device, storing an encryption key associated with the
`
`25
`
`30
`
`Petitioner's Exhibit 1005, Page 8
`
`Petitioner's Exhibit 1005, Page 8
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`7
`
`registered device and associating the encryption key of the registered device with
`the stored ID code. The method also includes generating a user fingerprint signal
`representing a fingerprint image ofa user’s finger being placed onaplaten of a
`portable user device, comparing, with the user device, the user fingerprint signal to
`a fingerprint template stored in the user device, the fingerprint template
`representing a fingerprint image of an enrolled person whois enrolled with the user
`device, and generating an access signal with the user device only if the fingerprint
`image represented by the user fingerprint signal corresponds sufficiently to the
`fingerprint image represented by the fingerprint template to verify that the useris
`the enrolled person, the access signal including an ID codeassociated only with the
`user device, button press information representing a requested function, and
`encrypted data encrypted with an encryption key associated with the user device,
`the encrypted data including a synchronization counter associated with the user
`device. The method then includes transmitting the access signal from the user
`
`10
`
`15
`
`20
`
`25
`
`30
`
`device to the hostfacility, determining, with the host facility, if the ID code in the
`access signal matches the stored ID code, retrieving the encryption key of the
`registered device if the match is successful, employing the encryption key of the
`registered device to decrypt the encrypted data and determine the synchronization
`counter of the user device, comparing the synchronization counter of the user
`device with the synchronization counter of the registered device, and providing the
`requested function represented by the button press data only if the synchronization
`counter of the user device matches the synchronization counter of the registered
`
`device.
`
`In another aspect, the invention provides a method of accessing a secure
`host facility, including sensing a biometric trait of a user that is uniqueto a user
`with a biometric sensor system of a portable device, and providing a biometric
`signal indicative of the biometric trait, comparing, with the portable device, the
`biometric signal with stored biometric data representative of the biometric trait of
`an enrolled person that is indicative of the identity of the enrolled person;
`providing a verification signal only if the biometric signal corresponds sufficiently
`to the biometric data to verify that the user is the enrolled person; and transmitting
`the verification signal and an ID code signal to a remote host system, wherein the
`
`Petitioner's Exhibit 1005, Page 9
`
`Petitioner's Exhibit 1005, Page 9
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`8
`
`ID code signal is indicative of an ID code associated only with the portable device,
`and wherein the host system provides access to the secure facility in response to the
`verification signal only if host facility determines that personal device associated
`with the ID code belongs to a registered person.
`The system can be employed to provide secure access to a variety of
`different types of host facilities. The system can be used to replace security
`systems employing key card entry, fixed codeentry, or a combination of key card
`and fixed code entry, which are currently employed, for example, with ATM’s,
`gate and garage door openers, burglar alarm systems, point of sale (POS) devices,
`hotel room locks, and the like. The system can also be configured for use with
`automotive remote key entry (RKE) systems, automotive alarm systems, and
`
`automotive immobilizers.
`The personalidentification device and system of the invention has several
`advantages. The system is very private. Persons’ biometric data, such as a
`fingerprint, are not stored in a central database, as with prior art systems using
`fingerprint identification for security. An electronic template of a user’s fingerprint
`is stored only with their own personalidentification device, and is used only for
`verifying the user’s fingerprint.
`In the embodiment with two-way communication,
`the host facilities store only an ID code and a public key for each registered
`person. The ID code may betheserial numberof the device, and the public key
`can beretained by a trusted third party. The private key used by the device is
`
`never disclosed.
`
`The personal identification device is compact, being about the same size as
`an electronic pager. With advances in technology, it could be made even smaller.
`The personal identification device can be configured such that all the information
`that is associated with the user, i.e., the ID code, the personal encryption key, and
`the fingerprint template, is stored in a smart card, which can be transferred between
`identical devices having the image capture electronics, processing circuit,
`communication module and power supply. This enables the user to switch devices
`when one is worn out or broken without havingto re-register.
`The host system can be installed at host facilities with a minimal
`expenditure compared with current systems employing fingerprint identification for
`
`10
`
`15
`
`20
`
`25
`
`30
`
`Petitioner's Exhibit 1005, Page 10
`
`Petitioner's Exhibit 1005, Page 10
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`9
`
`security. The biometric sensoris installed in each personalidentification device,
`rather than with the host facility. This configuration also makesretrofitting
`existing security systems for use with the personal identification device a relatively
`simple procedure. The point of contact is with the personal identification device,
`which makesthe present system more feasible for use at exposed, public locations,
`such as with automated teller machines, parked automobiles, and gate entries,
`where the weather and vandalism can be problems. This also makes the system of
`
`the invention more sanitary than other systems that require a person to operate a
`
`public terminal, keypad, or fingerprint scanner.
`Because each user carries his own fingerprint template in the personal
`
`identification device, users can "roam" to many different applications and host
`facilities without the need to enroll the template at each site. They only need to
`
`register prior to use. This can be done over the phone or over computer
`communication lines, such as the Internet, if only medium level security is
`
`required.
`The user has total control over the procedure for accessing a host facility.
`The ID cannot be read unless the user presses the fingerprint reader. The random
`number transmission and the encrypted random number transmission cannot be
`"scanned" as the random numbersare different each time access to a host facility is
`requested. The personal identification device can be used in conjunction with
`conventional telephone lines or computer network communication lines without any
`
`risk of theft.
`
`Personal identification devices could be sold via anyretail outlet, for
`example, as a shrink wrap product. As the units are manufactured with unique ID
`codes and private keys there is no need to control the sale in any way.
`Unlike prior art biometric identification systems, the user is already enrolled
`by the first use of the personal identification device. This completely eliminates
`the delays and problems associated with enrolling large numbers of users and
`storing each user’s biometric data.
`Other features and advantages will become apparent from the following
`
`description, including the drawings and theclaims.
`
`10
`
`15
`
`20
`
`25
`
`30
`
`Petitioner's Exhibit 1005, Page 11
`
`Petitioner's Exhibit 1005, Page 11
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`10
`
`Brief Description of the Drawings
`FIG. 1 is a block diagram of a security system according to the invention.
`FIG. 2 is a block diagram of another embodiment of a security system
`
`according to the invention.
`FIG. 3. is a perspective view of a personal identification device according to
`
`another feature of the invention.
`
`FIGS. 4A, 4B, 4C, and 4D are respective front, side, top and bottom views
`
`of an embodiment of a personal identification device.
`
`FIGS. 5A and 5B are respective front and side views of another
`
`embodiment of a personal identification device.
`FIG.6 is a front view of a third embodiment of a personal identification
`
`device.
`
`FIG. 7 is a flow diagram illustrating an embodiment of a method of
`accessing a host facility with a personal identification device.
`FIG. 8 is a flow diagram illustrating another embodiment of a method of
`accessing a hostfacility with a personal identification device.
`FIG. 9 is a schematic diagram of an embodiment of the processorunit.
`FIGS. 10A and 10B are a perspective and block diagrams, respectively, of a
`
`personal identification system.
`FIG. 11 is a perspective view of a personal identification system clipped to
`
`a user’s pocket.
`
`Detailed Description
`
`Referring to FIG. 1, a security system 2 provides access to one or more
`secure host facilities 4 only to registered persons. A host facility 4 may be a bank,
`a store, a military base, a computer system, an automobile, a homesecurity system,
`a gate, or any other facility where it is desired to restrict access to selected
`individuals. Each registered person uses a battery powered, portable personal
`identification device (PID) 6, which communicates with a communication unit 8
`located at each host facility 4. PID 6 is small enough to carry on ones person,
`being similar in size to a hand-held pager. An example of a PID 6 is shown being
`held in the palm of a man’s hand 10 in FIG.3.
`
`10
`
`15
`
`20
`
`25
`
`30
`
`Petitioner's Exhibit 1005, Page 12
`
`Petitioner's Exhibit 1005, Page 12
`
`

`

`WO 99/56429
`
`PCT/US99/08990
`
`11
`
`PID 6 includes a biometric sensor.
`
`In the described embodiment, a
`
`biometric sensor 11 includes an optics unit 12 having a CMOSoptical sensor
`imaging device 14, and an exposed optical platen 15.
`Imaging device 14 can also
`be a CCD imaging device. A lens (not shown) may also be used to focus an image
`
`from a surface of platen 15 onto imaging device 14. PID also includes a
`processing unit 16. Processing unit 16 includes a processorcircuit 18, an external
`memory 20 and may include an analog-to-digital converter circuit (A/D) 22. Some
`CMOSoptical sensors provide a digital output signal, which eliminated the need
`for A/D 22. PID 6 further includes a communication unit 24, which has a
`
`10
`
`transmitter module 26 and a receiver module 28.
`
`Memory 20 stores information that is specific to processing unit 16.
`Memory 20 stores an ID code thatis set in PID 6 by the manufacturer. The ID
`code of a device, which may be the device serial number, is unique to each device.
`Memory 20also stores a fingerprint template that is generated by processing unit
`16 from a fingerprint image signal provided by optics 12 unit when an individual
`first enrolls into PID 6, as will be described in detail below. That fingerprint
`
`image signal is representative of an image ofa fingerprint of the enrolled
`individual. The fingerprint template is a data set that is representative of features
`of the enrolled individual’s fingerprint. The fingerprint template is normally not
`changed onceit is established in memory 20.
`In some embodiments, PID 6 may
`include a serial port (not shown), which can be used to plug into a computer to
`update or change the fingerprint template. For security purposes, PID 6 would be
`used to perform an identification verification before allowing such a change.
`Processing unit 16 also includes an encryption algorithm incorporated into
`an encoder 23.
`In the embodimentillustrated in FIG. 1, the encryption algorithm is
`
`programmedinto processor circuit 18. A private key that is stored in memory 20
`is used with the encryption algorithm for encryption. The private key can be set
`into memory by the manufacturer, and is specific to each PID 6. Different PIDs6,
`which have different processing units 16, will typically have different private keys.
`The encryption algorithm, on the other hand, can be the sameforall PID’s 6.
`Hostfacility 4 is part of a host system 30. Host system 30 will typically be
`bank ATM systems, point of sale systems, and the like. Host system 30 also
`
`15
`
`20
`
`25
`
`30
`
`Petitioner's Exhibit 1005, Page 13
`
`Petitioner's Exhibit 1005, Page 13
`
`

`

`WO 99/56429
`
`,
`
`PCT/US99/08990
`
`12
`
`includes a host processing unit 32, which has a processor circuit 34 and memory-
`
`36. Communication unit 8 in host facility 4 includes a receiver module 38 and a
`
`transmitter module 40. Host processing unit 32 may be located with hostfacility 4,
`or may belocated at a remote location, where it may also serve other host facilities
`
`4 in a distributed network 42.
`
`Memory 36 stores ID codes of enrolled individuals who have registered
`with host system 30. Memory 36 also stores public keys associated with respective
`ones of the stored ID codes. By employing the correct public key associated with a
`
`specific ID code, host processorcircuit 34 can decrypt a signal that has been
`encrypted according to the encryption algorithm and personal key associated with
`the specific ID code, in a manner knownin the encryption arts. The public key
`can also be stored with a trusted third party 39, which provides this service for
`
`several host systems in a known manner.
`Signals 41 may be transmitted between PID 6 and hostfacility via any
`wireless transmission method. Transmission can be via RF, infrared, induction,
`
`sound, or the like.
`
`In this embodiment, PID communication unit 24 and host
`
`communication unit 8 will normally have a short transmission range of
`approximately a meter or less, however, longer ranges can be used as well. Hard-
`wire transmission methods can also be employ