(19) United States
(12) Patent Application Publication
(10) Pub. No.: US 2001/0049785 A1
(43) Pub. Date: Dec. 6, 2001
Kawan et al.

(54) SYSTEM AND METHOD FOR USER AUTHENTICATION

(76) Inventors: Joseph C. Kawan, Hollywood, CA (US); Yosif Smushkovich, Santa Monica, CA (US); Ronald King-Hang Chu, Los Angeles, CA (US)

Correspondence Address:
George T. Marcou, Esq.
Kilpatrick Stockton LLP
Suite 800
700 13th Street, NW
Washington, DC 20005 (US)

(21) Appl. No.: 09/769,844
(22) Filed: Jan. 25, 2001

Related U.S. Application Data
(63) Non-provisional of provisional application No. 60/178,175, filed on Jan. 26, 2000.

Publication Classification
(51) Int. Cl. H04L 9/32
(52) U.S. Cl. 713/156; 713/186

(57) ABSTRACT
A method and system for authenticating the identity of a user by an authority makes use of presenting biometric data for the user in a predetermined shared secret sequence. The method and system can be augmented by requesting an additional shared secret, such as a PIN or additional credentials, to establish multiple layers of authentication. Varying the layers of authentication results in greater or lesser security, and the accuracy for any given layer can be relaxed without compromising the integrity of the entire method.

[Representative drawing (labels only): user; terminal with biometric reader device; host computer; database storing biometric template]

IPR2022-00602
Apple EX1020 Page 1

[Drawing sheets 1 to 8 of 8 (FIGS. 1-8): images not reproduced.]

SYSTEM AND METHOD FOR USER AUTHENTICATION

PRIORITY APPLICATION

[0001] This application claims the benefit of U.S. Provisional Application No. 60/178,175 filed Jan. 26, 2000, entitled “System and Method for User Access Authentication,” and incorporated herein by this reference.

FIELD OF THE INVENTION

[0002] The present invention relates to the field of user authentication systems and more particularly to a method and system of authenticating or verifying the identity of a user using biometric data about the user.

BACKGROUND OF THE INVENTION

[0003] The task of authenticating or verifying the identity of a user requires a certain level of security in addition to the method by which the user is identified. A typical authentication system involves, for example, a user who has a smart card or perhaps simply a credit card. When the user presents himself or herself to the system, such as at an automatic teller machine (ATM), the user presents his or her credit card, which identifies the particular user by name and account number. The user then presents his or her personal identification number (PIN), or similar information known only to the user, and the presented information is sent to a host computer. The host computer, which is based on a database, can then identify the user by the user's name and, for example, by the particular PIN that the user is supposed to use.

[0004] In the case when biometrics are used for authentication, the identification of the user can be done by presenting a biometric such as a fingerprint, the user's face, or the user's voice, to the system. In addition to that, when the user identifies himself or herself by presenting a biometric, such as a fingerprint, the system goes through the process of looking at a stored template of the user's fingerprint which was created in advance. The system compares the user's presented fingerprint to the stored template and verifies that this is the same person, making its decision based on certain predefined parameters, such as threshold of match scores between the presented and stored biometric samples.

SUMMARY OF THE INVENTION

[0005] It is a feature and advantage of the present invention to provide a method and system of authenticating a user with biometric data which allows the use of a high biometric recognition threshold to filter out as many impostors as possible, while at the same time minimizing the rate of false rejections.

[0006] It is another feature and advantage of the present invention to provide a method and system of authenticating the user with biometric data which enables a lower rate of false rejections without increasing the rate of false acceptances.

[0007] To achieve the stated and other features, advantages and objects, an embodiment of the present invention provides a method and system for authenticating the identity of a user by an authority that makes use of biometric data, which is what the user is, and additional information, which is what the user knows, for example, by presenting the biometric in a predefined manner, such as a predefined sequence. The predefined manner in which the biometric is presented, such as presenting the user's fingerprints in a predefined sequence, functions as the user's PIN. An embodiment of the present invention uses biometric data together with the predetermined sequence of presenting the biometric data to enable the user to gain access to a device, physical location, or network.

[0008] The authentication method and system for an embodiment of the present invention can be augmented by requesting an additional shared secret, such as a PIN, or additional credentials, thus establishing multiple layers of authentication. Varying the layers of authentication results in greater or lesser security, and the accuracy for any given layer can be relaxed without compromising the integrity of the entire method. In order to minimize the risk of replay attack, the predetermined sequence may be different for consecutive accesses.

[0009] In an embodiment of the present invention, the user presents one or more user credentials for enrollment by an authority, such as a bank. The user credentials include, for example, one or more biometric templates for the user's fingerprint(s), face, voice and/or iris and/or one or more digital documents, such as a digital certificate and/or a digital signature for the user and/or one or more paper documents, such as a passport for the user. The user credential(s), which represent user authentication information, are stored for the user, for example, on a host computer, a local terminal, and/or a user token, such as a smart card, and the stored user credential(s) can be signed with the user's private key.

[0010] In addition, one or more shared secrets is established between the user and the authority relating to a predefined shared secret manner for presenting each of one or more current user credentials to the authority, such as a predefined shared secret sequence of presenting the current user credential(s). Information about the predefined shared secret, which functions in a manner analogous to a PIN for the user, is stored for the user in a database. The information about the shared secret(s) can be stored in the same database as the database storing the user credential(s), and both can be stored encrypted and digitally signed.

[0011] One or more additional shared secrets for an embodiment of the present invention can include, for example, a predefined shared secret PIN for the user, one or more additional predefined shared secret manner(s) of presenting the current user credential(s) to the authority, a predefined shared secret manner of presenting one or more additional current user credential(s) to the authority for the user, and/or a predefined shared secret manner of presenting each of several additional current user credentials to the authority for the user. In addition, the predefined shared secret manner of presenting each of several additional current user credentials can include one or more variation(s) corresponding to a variation in a degree of security and/or for use on consecutive occasions.

[0012] In an embodiment of the present invention, in order to authenticate the identity of the user, the user presents one or more current user credential(s), such as one or more current biometric samples for the user's fingerprint(s), face, voice, and/or iris, to the authority in the predefined shared secret sequence(s). For example, the authority can direct the user to present a biometric sample for one or more user fingerprint(s) in a particular predefined shared secret sequence, or a combination of biometric samples for two or more of the user's fingerprint(s), face, voice, and/or iris in a predefined shared secret sequence. In another aspect, the shared secret manner of presenting the current user credential(s) involves, for example, presenting at least two user credentials by the authority in a predefined shared secret sequence, or in a manner directed by the authority, or in one of several predefined secret sequences randomly selected by the authority.

[0013] The authority for an embodiment of the present invention authenticates the identity of the user based on a correspondence between the enrolled and current user credentials and a correspondence between the shared secret manner for presenting the current user credential(s) and the manner in which the current user credential(s) are presented to the authority. The authentication is performed, for example, by the host computer or the local device for activation of a device, such as a gate controller, a door opener, a telephone, or appliance, or for access, such as device access, physical location access, or network access. Other aspects of an embodiment of the present invention involve, for example, authenticating the identity of the user to a smart card or to activate a silent alarm for the user.

[0014] Additional objects, advantages and novel features of the present invention will be set forth in part in the description which follows, and in part will become more apparent to those skilled in the art upon examination of the following or may be learned by practice of the invention.

BRIEF DESCRIPTION OF THE DRAWINGS

[0015] FIG. 1 is a schematic diagram which shows an example of key components and the flow of information between the key components for the authentication method and system for an embodiment of the present invention;

[0016] FIG. 2 is a table which illustrates examples of credentials, which represent what the user is or has, and shared secrets, which represent what the user knows, for the authentication method and system of an embodiment of the present invention;

[0017] FIG. 3 is a schematic diagram which illustrates an example of key components and the flow of information of a system storing authentication parameters in a local system for an embodiment of the present invention;

[0018] FIG. 4 is a schematic diagram which illustrates an example of key components and the flow of information between the key components of a bank's system storing authentication parameters for an embodiment of the present invention;

[0019] FIG. 5 is a schematic diagram which illustrates an example of key components and the flow of information between the key components of an authentication system with a four-corner network of trust for an embodiment of the present invention;

[0020] FIG. 6 is a schematic diagram which illustrates an example of key components and the flow of information between the key components of a three-corner authentication system for an embodiment of the present invention with the user at a terminal such as the user's PC;

[0021] FIG. 7 is a schematic diagram which illustrates an example of key components and the flow of information between the key components of an authentication system for an embodiment of the present invention with credentials, such as a biometric template, stored on a smart card; and

[0022] FIG. 8 is a flow chart which illustrates an example of the process of user authentication for an embodiment of the present invention.

DETAILED DESCRIPTION

[0023] Referring now in detail to an embodiment of the present invention, an example of which is illustrated in the accompanying attachments, FIG. 1 is a schematic diagram which shows an example of key components and the flow of information between the key components for the authentication method and system for an embodiment of the present invention. An aspect of the present invention provides a method and system of authenticating a user 10 to the system 14, such as an ATM system, which makes use of biometric data, which is what the user 10 is, and additional information, which is what the user 10 knows, for example, by presenting the biometric in a predefined manner, such as a predetermined sequence.

[0024] FIG. 2 is a table which illustrates examples of credentials, which represent what the user is or has, and shared secrets, which represent what the user knows, for the authentication method and system of an embodiment of the present invention. The predefined manner in which the biometric 26 is presented, such as presenting the user's fingerprints 28 in a predetermined sequence 46, functions as the user's PIN 44. Thus, the user's fingerprints 28 are what the user 10 has, and the sequence 46 in which they are presented is what the user 10 knows. The method and system for user authentication identification for an embodiment of the present invention uses biometric data 26 and the predetermined sequence 46 of presenting the biometric data 26 in order to gain access to a device, physical location, or network.

[0025] This authentication method may be augmented by requesting an additional shared secret, such as a PIN 44, or additional credentials, such as documentation 36, thus establishing multiple layers of authentication. Varying the layers of authentication results in greater or lesser security. Additionally, with multiple layers of authentication, the accuracy for any given layer can be relaxed without compromising the integrity of the entire method. In order to minimize the risk of replay attack, the predetermined sequence 46 may be different for consecutive accesses. The authentication process can be executed between the user 10 and a smart card or a trusted network. In a situation where the user 10 is in danger, a separate sequence 46 may be presented to alert the authentication system 14 that the user 10 is in danger.

[0026] In addition to presentation and comparison of a biometric 26, such as a fingerprint 28, an aspect of an embodiment of the present invention involves the use, for example, of presentation and comparison of additional biometrics 26, such as the user's voice 30 or face 32, a document 36, or perhaps a PIN 44, in effect, combining biometrics 26 and PIN 44 or other information in a single process. When the user 10 comes to the system 14 and presents a biometric 26, such as the user's fingerprint 28, the way in which the user 10 presents the fingerprint 28 is unique to the particular user 10. Further, only the particular user 10 knows the way he or she presents the fingerprint 28.

[0027] For example, in an embodiment of the present invention, the user's fingerprint 28 can be presented in particular time sequences 46, such as having the user present the same finger once and then remove it and present it again and then remove it again. The system 14 knows the specific sequence 46 which, like a PIN 44, identifies the particular user's knowledge. Alternatively, the user 10 may present perhaps two or three fingerprints 28, such as first finger, then third finger, and then second finger, which is analogous to entering the numerals for a PIN 44. Another alternative aspect involves, for example, in addition to use of a fingerprint sequence 46, the system 14 can be preprogrammed to ask for some other additional information to help in the authentication process, such as a PIN 44.

[0028] Additionally, the system 14 for an embodiment of the present invention can be preprogrammed to randomly ask the user 10 to present additional credentials out of previously enrolled credentials to prevent a replay attack that might be attempted to defeat the authentication process. In order to avoid such a replay attack, some part of the secret is generated by the system 44 and another part is the shared secret 42 between the user 10 and the system 44 or authority. Thus, the authentication process is different each time, and if a third party records the sequence 46 and replays it, it will not work. A replay attack involves, for example, capturing the shared secret sequence 46, such as a fingerprint sequence 46, by a recording device and attempting to defeat the authentication process by replaying the sequence 46.

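The random selection among several enrolled secret sequences (paragraphs 0012 and 0028), the rule that consecutive accesses use different sequences, and the separate danger sequence (paragraph 0025) can be sketched as follows. This is an added example, not code from the application; the toy matcher, the 0.90 threshold, the slot labels, the single-use nonce and every class and function name are assumptions.

```python
"""Added illustration: sequence-as-PIN verification with a system-chosen challenge.

Assumptions (not from the application): templates are short feature vectors,
match_score is a stand-in matcher, and all sample data is constructed.
"""
import secrets
from dataclasses import dataclass, field

MATCH_THRESHOLD = 0.90  # assumed per-sample acceptance score


def match_score(sample, template):
    """Toy matcher: 1.0 for identical vectors, lower as they diverge."""
    diff = sum(abs(a - b) for a, b in zip(sample, template)) / len(template)
    return max(0.0, 1.0 - diff)


@dataclass
class Enrollment:
    templates: dict  # finger name -> enrolled template ("what the user is")
    sequences: dict  # slot label -> secret finger order ("what the user knows")
    duress: tuple    # secret order that signals the user is in danger


@dataclass
class Authority:
    enrollment: Enrollment
    _pending: dict = field(default_factory=dict)  # nonce -> slot, single use
    _last_slot: str = None

    def challenge(self):
        """System-generated part of the secret: a random slot plus a nonce.

        The previously issued slot is excluded, so consecutive accesses
        never require the same sequence.
        """
        slots = [s for s in self.enrollment.sequences if s != self._last_slot]
        slot = secrets.choice(slots or list(self.enrollment.sequences))
        nonce = secrets.token_hex(8)
        self._pending[nonce] = slot
        self._last_slot = slot
        return nonce, slot

    def _identify(self, sample):
        """Return the enrolled finger this sample matches, or None."""
        templates = self.enrollment.templates
        best = max(templates, key=lambda f: match_score(sample, templates[f]))
        return best if match_score(sample, templates[best]) >= MATCH_THRESHOLD else None

    def verify(self, nonce, samples):
        """Return 'accept', 'duress' (grant access, raise silent alarm) or 'reject'."""
        slot = self._pending.pop(nonce, None)  # unknown or already-used nonce
        if slot is None:
            return "reject"
        presented = tuple(self._identify(s) for s in samples)
        if None in presented:
            return "reject"
        if presented == tuple(self.enrollment.duress):
            return "duress"
        if presented == tuple(self.enrollment.sequences[slot]):
            return "accept"
        return "reject"


def demo():
    # Constructed sample data: three enrolled fingers, two secret orders.
    templates = {
        "index": (0.10, 0.80, 0.30, 0.55),
        "middle": (0.70, 0.20, 0.90, 0.15),
        "ring": (0.40, 0.45, 0.05, 0.95),
    }
    enrollment = Enrollment(
        templates=templates,
        sequences={"A": ("index", "ring", "middle"),
                   "B": ("middle", "index", "index")},
        duress=("ring", "ring", "index"),
    )
    authority = Authority(enrollment)

    def present(order):  # live capture with a little sensor noise
        return [tuple(v + 0.02 for v in templates[f]) for f in order]

    nonce1, slot1 = authority.challenge()
    recorded = present(enrollment.sequences[slot1])  # what a recorder would capture
    first = authority.verify(nonce1, recorded)

    replay_same_nonce = authority.verify(nonce1, recorded)
    nonce2, slot2 = authority.challenge()
    replay_new_challenge = authority.verify(nonce2, recorded)

    nonce3, _ = authority.challenge()
    duress = authority.verify(nonce3, present(enrollment.duress))
    return first, replay_same_nonce, replay_new_challenge, duress, slot1 != slot2


if __name__ == "__main__":
    print(demo())
```

The challenge defeats replay of a presentation exactly as it was recorded; it does not by itself establish that the samples come from a live finger.
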
[0029] Authenticating the user 10, for example, to open the user's door at home requires a relatively low level of security, and it may be adequate for the user 10 who wants a biometric authentication system to install a system which is based on the traditional approach, such as presenting one of the user's fingers for comparison of the fingerprint 28 with a system-stored template. For additional security, an embodiment of the present invention involves presentation and comparison, for example, of the fingerprint 28 of one finger and then another finger, to make it a little more secure.

[0030] For much greater security, an embodiment of the present invention involves, for example, one or more of presentation and comparison of the user's face 32 with a system-stored template, a visual comparison of the user 10 with a photograph by a security person, and/or presentation of fingerprints 28 in a certain sequence 46. As an alternative for greater security, an embodiment of the present invention involves, for example, presenting different biometrics 26, such as the user's face 32, then fingerprint 28, then iris 34 for comparison with system-stored templates in a particular sequence 46.

[0031] An embodiment of the present invention also makes use of biometric authentication in combination, for example, with real or digital documents 36, such as certificates, passports, digital signatures, and anything else in addition to what a user usually presents. By presenting these additional things, the probability of acceptance of the user 10 is increased, and each of these particular presentations may not be required to be as highly secure as it would normally be required. Assume, for example, that the user 10 presents his face 32 to the system 14 and says “I am this person.” It is necessary to create a very high quality recognition system to understand that the picture is actually the person whose face 32 is presented to be able to compare it and to verify it properly.

[0032] Likewise, if the user 10 presents a fingerprint 28 to the system 14 and says, “I am this person,” it is necessary to have a template of the user's fingerprint 28 created in the best environment available. In addition, the user's finger should be presented under the best possible conditions. For example, the presented finger should have no cuts, it should not be wet, and/or it should be at the proper temperature. If all of this occurs properly, then the system 14 may be able to accept the user's fingerprint 28 with the desired level of security. However, if the user 10 presents the user's fingerprint 28, and a digital certificate 40, and the user's face 32, and perhaps something else in addition to the fingerprint 28, and if they are presented in a proper sequence 46, then it is not necessary for each of these parameters to be created in the best possible way, as would be necessary if only the user's fingerprint 28 were presented.

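The claim in paragraphs 0031 and 0032 that each layer can be less exacting when several credentials are presented in a secret order, and the stated goal in paragraphs 0005 and 0006 of fewer false rejections without more false acceptances, can be checked numerically. This is an added example, not part of the application; it assumes Gaussian match scores, statistically independent layers, an impostor who must guess the order, and constructed figures throughout.

```python
"""Added illustration: one strict layer versus several relaxed layers in sequence.

Assumptions (not from the application): score distributions are Gaussian with
the constructed parameters below, layers are independent, and all must pass.
"""
from math import erf, factorial, sqrt


def norm_cdf(x, mean, sd):
    """Cumulative distribution function of a normal distribution."""
    return 0.5 * (1.0 + erf((x - mean) / (sd * sqrt(2.0))))


def layer_rates(threshold, genuine=(0.80, 0.08), impostor=(0.40, 0.10)):
    """Return (FAR, FRR) of a single biometric layer at a score threshold.

    genuine and impostor are (mean, standard deviation) of the match scores.
    """
    far = 1.0 - norm_cdf(threshold, *impostor)  # impostor scores at or above threshold
    frr = norm_cdf(threshold, *genuine)         # genuine scores below threshold
    return far, frr


def layered_rates(thresholds, sequence_secret=True):
    """Combine layers that must all pass, optionally with the secret order.

    An impostor who does not know the order is modelled as guessing one of
    the n! permutations of n distinct credentials; the genuine user is
    assumed to present the order correctly.
    """
    far, genuine_pass = 1.0, 1.0
    for t in thresholds:
        layer_far, layer_frr = layer_rates(t)
        far *= layer_far
        genuine_pass *= 1.0 - layer_frr
    if sequence_secret and len(thresholds) > 1:
        far /= factorial(len(thresholds))
    return far, 1.0 - genuine_pass


def compare(strict=0.70, relaxed=0.60, layers=3):
    """Single layer at a strict threshold versus `layers` relaxed layers."""
    return {
        "single_strict": layered_rates([strict], sequence_secret=False),
        "multi_relaxed": layered_rates([relaxed] * layers),
    }


if __name__ == "__main__":
    for name, (far, frr) in compare().items():
        print(f"{name:14s} FAR={far:.2e}  FRR={frr:.4f}")
```

Under these assumptions the three relaxed layers give both a lower false acceptance rate and a lower false rejection rate than the single strict layer; correlated layers or a leaked sequence would narrow that margin.
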
[0033] In an embodiment of the present invention, those parameters can be stored in a particular device. However, it is not necessary that they be stored in a particular device. FIG. 3 is a schematic diagram which illustrates an example of key components and the flow of information of a system storing authentication parameters in a local system for an embodiment of the present invention. An aspect of an embodiment of the present invention makes use of a centralized system 14 as shown in FIG. 2, but the application for an embodiment of the present invention can equally well be stored in a local device 48 as shown in FIG. 3. In any event, the parameters, thresholds or scores, or the way the templates are organized, are in one way or another stored in a central system 14 or a local device 48.

[0034] Another aspect of an embodiment of the present invention involves storing the parameters in the place where the particular verification actually occurs. In a system, for example, which verifies everything on a smart card, the user authenticates himself or herself to the smart card. However, in most cases, after the user authenticates himself or herself via the smart card, the user must still authenticate the smart card to something else.

[0035] Assume, for example, that the user needs to do authentication to a merchant or to a bank. FIG. 4 is a schematic diagram which illustrates an example of key components and the flow of information between the key components of a bank's system storing authentication parameters for an embodiment of the present invention. If the user's bank 50 has all the parameter information stored in the bank's database 54, the user 10 can present his or her face 32, fingerprint 28, and/or certificate, and all of this information can be authenticated through the bank 50 where the user 10 actually wants to authenticate himself or herself. Of course, a bank or a merchant can attempt to authenticate the user 10 in another place, with the user saying, in effect, “I have this information about me in another place,” such as bank 50. If the merchant believes this is true and/or, for example, has a relationship with the bank 50, it can go through the authentication also.

[0036] For example, referring to FIG. 4, assume that the user 10 goes to a place, such as the merchant with a terminal 12, and says to the merchant, “I want to buy something from you.” The merchant says, “Okay, can you prove that you are the person who you say you are?” The user 10 responds, “I cannot prove it to you, but I can prove it to my bank.” If the user 10 has a relationship with the bank 50, and if the merchant also has a relationship with the bank 50, then the user 10 and the merchant can go together to the bank 50. The bank 50 acts as a sort of arbitrator which says, “Okay, you people are really the people who you say you are.” That means that the merchant can go to the bank 50 and verify that this particular user 10 who wants to buy something from the merchant actually belongs to the bank 50 and is capable of paying. This merchant-user-single bank entity relationship is referred to as a three-corner model.

[0037] An aspect of an embodiment of the present invention also involves expanding the relationship from a merchant-user-single bank entity relationship to a network of trust, for example, where all of the participants in the authentication process belong to the same association or the same network of trust. FIG. 5 is a schematic diagram which illustrates an example of key components and the flow of information between the key components of an authentication system with a four-corner network of trust for an embodiment of the present invention. Thus, the user 10 can have a relationship with the bank 50 which shares the same network of trust 58 with another bank 56 with which the merchant has a relationship. In other words, the user 10 and the merchant have relationships with different banks 56, 50, but the different banks share a trusted network 58, and the same authentication process can be used.

[0038] For example, referring to FIG. 5, we have the user's bank 50, the merchant's bank 56, the user 10, and the merchant, and the two banks 56, 50 are different. With the network of trust 58 established between the two banks 56, 50, the same authentication process can be used even though the user 10 has a relationship with a different bank from the merchant. Further, the network of trust 58 can include any number of banks. If the user 10 related to one bank 50 wishes to authenticate to the merchant related to another bank 56, in order to accomplish the four corner model, the user 10 goes to the merchant's terminal 12 and passes his or her credentials 24 through the merchant's terminal 12 in a predefined sequence 46. If it is within a trusted area 58, the merchant passes that sequence 46 to the merchant's bank 56, and the merchant's bank 56 passes that sequence 46 to the user's bank 50. The user's bank 50 identifies the user 10, and the authentication is passed back to the merchant. In such case, the merchant's bank 56 acts as a sort of proxy in the authentication process.

[0039] Referring again to FIG. 4, an embodiment of the present invention makes use, for example, of a terminal 12 to which the user 10 presents his or her information 24, such as biometrics 26, at certain times in a certain sequence 46. Assume that the user 10 comes to a merchant and wants to buy something, and that the merchant has a terminal 12 which the user 10 knows that he or she can trust. Obviously, it is very important that the user 10 will not provide his or her information 24 to a terminal that he or she should not trust. The user 10 sees that there is a terminal 12 that he or she can trust, and the user 10 can present his or her information 24. It is important that this information 24 is not identified at the particular terminal 12 but is passed to something that the merchant and the user 10 both together trust, such as the bank 50. The bank 50 makes the decision that this particular user 10 is exactly who he or she says and has enough money in his or her account that the merchant can accept the user's promise to pay.

[0040] One way of accomplishing this is simply by the user presenting his or her credit card in the presence of the merchant, as is presently done today. However, in an embodiment of the present invention, another way of accomplishing this is that if the user 10 is trying to buy something from the merchant but, for example, is sitting at home at a terminal 12, such as the user's personal computer (PC), the user 10 needs to communicate to the merchant in a way in which he or she feels comfortable. FIG. 6 is a schematic diagram which illustrates an example of key components and the flow of information between the key components of a three corner authentication system for an embodiment of the present invention with the user at a terminal such as the user's PC. The merchant 60 does not verify the user's fingerprint 28 but passes the fingerprint 28 to the bank 50 to which both the user 10 and the merchant 60 belong. The bank 50 verifies that the user 10 is who he or she says and confirms the particular transaction.

[0041] On the user's side, the user 10 is at his or her PC 62 at home and has, for example, a device 64 attached to the PC 62, which can accept the user's fingerprint 28. The user 10 applies, for example, one finger, and then applies another finger, and sends all this information 24 to the merchant 60, and the merchant 60 passes this information 24 to the bank 50. Based, for example, on the user's name and fingerprint or fingerprints 28 presented, the bank 50 verifies that the user 10 is who he or she says and also verifies the sequence 46 in which the user 10 presented his or her fingerprint or fingerprints 28. This is the user's PIN 44, which should be good enough for the bank 50 to make a decision that the user 10 is who he or she claims to be, safely and securely, and to authorize the transaction.

[0042] An aspect of an embodiment of the present invention involves storing the authentication information, such as a biometric template, that is normally stored at the host computer 52 at the bank 50, for example, on a smart card. FIG. 7 is a schematic diagram which illustrates an example of key components and the flow of information between the key components of an authentication system for an embodiment of the present invention with credentials, such as a biometric template, stored on a smart card. When the authentication information is stored on the smart card 66, the user 10 can identify himself or herself to the particular smart card 66. In some cases, that is a secure enough process, but in many cases it may not be. If the user 10 has a smart card 66 in his or her possession and can identify himself or herself to that smart card 66, that basically verifies that the particular user 10 is the person who is actually using the smart card 66 and is okay.

[0043] Codes are used to open the smart card 66. For example, the user 10 presents his or her fingerprint 28 to the smart card 66 and presents a PIN 44 to the smart card 66 and opens the smart card 66, and the smart card 66 has enough information to be secure. Assume that the user 10 has, for example, a digital signature or digital certificate 40 which was signed by someone else. The user 10 can use that particular digital signature 40 safely sitting on the user's smart card 66 to authenticate himself or herself, but basically the user's smart card 66, to the host computer 18. On the other hand, in an embodiment of the present invention, the user 10 can present his or her biometric information 26 with the user's PIN 44 to the host computer 18 as shown in FIG. 1, and the smart card 66 is not needed. Thus, it is not necessary for the user 10 to have the smart card 66 or anything else, but simply to present himself or herself, and it becomes unnecessary to authenticate the smart card 66 and then solve some other problem to prove that it was signed by the proper authority and that the authority is trusted and the like.

[0044] A smart card aspect of an embodiment of the present invention can make use of an application which enables adjustment of the threshold depending on the environment. Thus, if a more secure application is wanted, the threshold is moved in a direction to prevent false acceptances, and for a less secure application, the threshold can be relaxed up to the point that virtually any time the user 10 presents a biometric 26, he or she is accepted. In an embodiment of the present invention, the threshold can be adjusted, additional information can be presented by the user 10, and the threshold can be certified and re-locked to make the smart card 66 work in a more secure way even if the threshold is locked.

[0045] After the smart card 66 is authenticated, it is not a particular benefit to the user 10 to authenticate to the user's own smart card 66, since the user 10 already knows to his or her own satisfaction that it i
