`
(12) United States Patent
Kesanupalli et al.

(10) Patent No.: US 8,799,666 B2
(45) Date of Patent: Aug. 5, 2014

(54) SECURE USER AUTHENTICATION USING BIOMETRIC INFORMATION

(75) Inventors: Ramesh Kesanupalli, San Jose, CA (US); Davit Baghdasaryan, Fremont, CA (US); Frank Schwab, Phoenix, AZ (US); Philip Yiu Kwong Chan, Fremont, CA (US); Larry Hattery, Beaverton, OR (US)

(73) Assignee: Synaptics Incorporated, San Jose, CA (US)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 600 days.

(21) Appl. No.: 12/731,050
(22) Filed: Mar. 24, 2010

(65) Prior Publication Data
US 2011/0083016 A1, Apr. 7, 2011

(60) Related U.S. Application Data
Provisional application No. 61/249,218, filed on Oct. 6, 2009, provisional application No. 61/292,820, filed on Jan. 6, 2010.

(51) Int. Cl.
H04L 9/32 (2006.01)
G06K 9/00 (2006.01)
G06F 21/00 (2013.01)

(52) U.S. Cl.
USPC: 713/180; 382/124; 713/186; 713/7

(58) Field of Classification Search
CPC: H04L 2463/102; H04L 63/0407; H04L 63/0861; H04L 63/1441; H04L 63/1466; H04L 63/20; H04L 9/32; H04L 9/3231; H04L 67/306; H04L 9/3247; G06F 17/30864; G06F 17/30899; G06F 21/32; G06F 21/34; G06F 21/6263; G06F 21/57; G06F 2221/2115; G06F 21/33; G06F 21/445; G06F 2221/2117; G06K 9/00906; G06K 19/07354; G06Q 20/04; G06Q 20/10
USPC: 713/180; 382/124; 726/7
See application file for complete search history.
Primary Examiner: Saleh Naijar
Assistant Examiner: Shu Chun Gao
(74) Attorney, Agent, or Firm: Shartsis Friese LLP; Cecily Anne O'Regan; William C. Cray

(57) ABSTRACT

An apparatus includes a biometric sensor capable of identifying biometric information associated with a user. A storage device coupled to the biometric sensor stores user information. A biometric service is coupled to the biometric sensor and capable of communicating with the biometric sensor. A web browser application having a biometric extension communicates with the biometric sensor via the biometric service. The web browser's biometric extension is capable of communicating with multiple web servers.

26 Claims, 11 Drawing Sheets
`APPL-1006
`APPLE INC. / Page 1 of 21
`
`
`
`
`
`
FIG. 1 (Sheet 1 of 11): block diagram showing host PC 102 (WinUSB driver, biometric service, application), sensor 104 and secure storage 106.
`
`
`
`
`
`
FIG. 3 (Sheet 3 of 11): enrollment diagram with reference numerals 302, 304 and 306 (secure storage). Legible labels: "... and provide credentials (if required)", biometric service, enroll, application. Stored fields: application ID, user ID, user credentials.

FIG. 4 (Sheet 3 of 11): authentication diagram with reference numerals 402, 404 and 406 (secure storage). Prompt 408: "Please swipe your finger for authentication". Legible labels: biometric service, authenticate or identify, application, user credentials.
`
`
`
FIG. 5 (Sheet 4 of 11): login interface 502 with User ID and Password fields, "forgot my user ID" and "forgot my password" links, and the option "Keep me signed in for today. Don't check this box if you're at a public or shared computer".
`
`
`
`
`
`
FIG. 7 (Sheet 6 of 11): flow diagram of procedure 700
702: Detect a finger contacting a fingerprint sensor
704: Read fingerprint information as a user swipes their finger across the fingerprint sensor
706: Create a fingerprint template associated with the fingerprint information
708: Receive user credentials associated with the user
710: Bind the user credentials with the fingerprint template
712: Store the user credentials and the fingerprint template
`
`
`
FIG. 8 (Sheet 7 of 11): flow diagram of procedure 800
802: Read fingerprint information from a user's finger in contact with a fingerprint sensor
804: Identify a fingerprint template associated with the user
806: Compare the fingerprint information read from the user's finger with the fingerprint template
808: Decision with YES and NO branches (label not legible in the extraction)
YES: Retrieve user credentials associated with the user, then communicate the user credentials to a requesting process or system
NO (814): Do not retrieve user credentials
`
`
`
FIG. 9 (Sheet 8 of 11): flow diagram of procedure 900
902: Read fingerprint information from a user's finger in contact with a fingerprint sensor
904: Authenticate the fingerprint information
906: Authenticated?
YES (908): Retrieve credentials associated with the user based on the fingerprint information
910: Decrypt the user credentials
912: Identify a unique identifier associated with the fingerprint sensor
914: Communicate the decrypted user credentials and the unique identifier to a requesting process or system
NO (916): Generate message indicating failure of authentication
`
`
`
FIG. 10 (Sheet 9 of 11): flow diagram of procedure 1000
1002: A web browser application accesses a web site that supports biometric authentication
1004: Determine whether a biometric device is installed in the system executing the web browser application
1006: Biometric device installed?
The web browser application offers enhanced security to a user through the use of the biometric device
User accepts offer of enhanced security?
YES (1012): User enrolls using the biometric device
1014: The web browser application operates without biometric authorization
`
`
`
`
`
`
SECURE USER AUTHENTICATION USING BIOMETRIC INFORMATION

RELATED APPLICATIONS

This application claims the benefit of U.S. Provisional Application No. 61/249,218, filed Oct. 6, 2009, the disclosure of which is incorporated by reference herein. This application also claims the benefit of U.S. Provisional Application No. 61/292,820, filed Jan. 6, 2010. This application also references the following U.S. Non-Provisional Applications: U.S. Non-Provisional application Ser. No. 12/731,027, filed Mar. 24, 2010, U.S. Non-Provisional application Ser. No. 12/731,037, filed Mar. 24, 2010, U.S. Non-Provisional application Ser. No. 12/751,952, filed Mar. 31, 2010, U.S. Non-Provisional application Ser. No. 12/751,964, filed Mar. 31, 2010, U.S. Non-Provisional application Ser. No. 12/751,983, filed Mar. 31, 2010, U.S. Non-Provisional application Ser. No. 12/751,954, filed Mar. 31, 2010, U.S. Non-Provisional application Ser. No. 12/751,969, filed Mar. 31, 2010, and U.S. Non-Provisional application Ser. No. 12/793,499, filed Jun. 3, 2010. All of these co-pending applications are incorporated by reference herein.

BACKGROUND

Typical user authentication systems and procedures use passwords to authenticate the identity of the user. In many instances, Web sites are authenticated using SSL (Secure Sockets Layer) or other protocols. SSL is a protocol for securely transmitting information via the Internet. When using SSL, a Web site is authenticated via its certificate. The user seeking access to the Web site is then authenticated by username and password.

Although passwords are commonly used to authenticate users, passwords are subject to various attacks, such as phishing attacks, social engineering attacks, dictionary attacks and the like. Typically, longer passwords with combinations of letters and numbers provide a higher level of security. However, these longer passwords are more difficult for users to remember. Additionally, passwords provide a single factor of authentication by requiring the user to provide something they know. This factor does not provide any physical authentication of the user's identity. Thus, any person can access the user's Web-based accounts and information if they gain knowledge of the user's password and username.

Another potential threat associated with user passwords is commonly referred to as "Man in the Browser" attack. This type of attack uses a malicious software application (commonly known as "malware") running in the internet browser application while the user is, for example, logging into a web site, accessing confidential information, or performing a financial transaction. One implementation of this attack obtains access to the user's password as the user provides the password to the internet browser application. Once the user's password is obtained, the malware application can perform a variety of malicious actions associated with the user's account.

Therefore, it is desirable to provide a user authentication method and system that provides a more secure authentication of the user than commonly used password-based methods and systems.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts an example system capable of performing biometric user enrollment and authentication.
FIG. 2 depicts another example system capable of performing biometric user enrollment and authentication.
FIG. 3 depicts an example user enrollment process.
FIG. 4 depicts an example user authentication process.
FIG. 5 depicts an example user login interface.
FIG. 6 depicts another example system capable of performing biometric user enrollment and authentication.
FIG. 7 is a flow diagram depicting an embodiment of a procedure for enrolling a user of a biometric authentication system.
FIG. 8 is a flow diagram depicting an embodiment of a procedure for authenticating a user of a biometric authentication system.
FIG. 9 is a flow diagram depicting another embodiment of a procedure for authenticating a user of a biometric authentication system.
FIG. 10 is a flow diagram depicting an embodiment of a procedure for authenticating a user of a Web browser application that supports biometric authentication.
FIG. 11 depicts another embodiment of a procedure for enrolling a user of a biometric authentication system.
FIG. 12 depicts another embodiment of a procedure for identifying and authenticating a user of a biometric authentication system.

Throughout the description, similar reference numbers may be used to identify similar elements.

DETAILED DESCRIPTION

The systems and methods described herein relate to biometric authentication of users. "Biometrics" and "biometric information" refers to measurable biological characteristics of a user, such as a fingerprint, facial characteristics, eye characteristics, voice characteristics (also referred to as a "voiceprint") and the like. As discussed herein, biometric information provides an additional level of security when used in systems and procedures related to authentication of a user.

Particular examples discussed herein use fingerprint biometric information to authenticate one or more users. In other embodiments, any type of biometric information may be used instead of fingerprint information. Additionally, a particular embodiment may utilize multiple types of biometric information (e.g., fingerprints and voiceprints) to authenticate a user. Certain described embodiments refer to "swipe" style fingerprint sensors. However, alternate embodiments may include any type of fingerprint sensor, such as a "placement" sensor. In particular embodiments, the biometric sensor is physically attached (or manufactured into) a client device, such as a computer, cellular phone, and so forth. In other embodiments, the biometric sensor is a portable device that is temporarily coupled to the client device (e.g., a pluggable USB device) for enrollment and/or authentication procedures.

As used herein, a "web application", a "web-based application", and a "web-enabled application" refers to a software application or software routine that is capable of communicating with one or more web servers or similar devices via the Internet or other data communication network. Additionally, a "plug-in" or a "browser plug-in" refers to an application or extension that provides a variety of different features and functions. Particular examples of "plug-ins" and "browser plug-ins" discussed herein provide features and functions related to user authentication while, for example, accessing web sites, making secure transactions, and the like. In particular embodiments, the browser plug-in is installed as part of the manufacturing process of devices equipped with associated biometric devices. In specific implementations, the browser plug-in is operable with any biometric device that supports the Windows Biometric Framework or other supported architectures or systems.
As discussed above, typical passwords do not provide any physical authentication of the user's identity. Thus, any person or machine can access a user's Web-based accounts and related information if they gain knowledge of the user's password and username. Using biometric information in the user authentication process provides an increased level of security by authenticating physical characteristics of the user. Thus, an imposter with the correct password but lacking the required physical characteristics will not be authenticated by the system.

The systems and methods described herein perform biometric user authentication in several steps. Initially, a user enrolls with the biometric user authentication system by binding their user credentials with the user's biometric template (a "fingerprint template" in specific implementations). The biometric template contains information related to the user's biometric characteristics (also referred to as "biometric information") obtained from a biometric sensor that scans or reads the user's biometric characteristics, such as a fingerprint. A user identification process identifies a particular user among multiple enrolled users (e.g., multiple users enrolled with a particular device, system or biometric sensor). A user verification process verifies that the user who provides their biometric information is who they claim to be by comparing the user's biometric information with the biometric template obtained during enrollment of that user. The enrollment, identification and verification of users is discussed in greater detail herein.
During an example enrollment process that uses a fingerprint sensor as the biometric sensor, a user swipes their finger across the fingerprint sensor several times to create a fingerprint template. The fingerprint template contains qualitative fingerprint information that allows the user's fingerprint to be distinguished from fingerprints associated with other users. In alternate embodiments, a placement fingerprint sensor (also referred to as a static fingerprint sensor) is used such that a user places their finger on the fingerprint sensor rather than "swiping" their finger across the fingerprint sensor. After creating a fingerprint template, the user (or a web server or other system) provides user credentials, such as a password, cryptographic key, random seed, and the like. The systems and procedures described herein bind the user's fingerprint template with the user credentials. The fingerprint template and user credentials are then stored in a secure storage device. In one embodiment the secure storage device is contained within the fingerprint sensor hardware. In other embodiments, the secure storage device is contained in a device that utilizes the fingerprint sensor.

During an example user identification process (also referred to as a user verification process), a user swipes their finger across a fingerprint sensor. The process then determines whether the user's fingerprint information matches a fingerprint template associated with the fingerprint sensor. If the user's fingerprint information matches a fingerprint template, the user's credentials are released to the user and/or a service or process requesting the user verification. Thus, the user credentials are not released from the secure storage device until a matching fingerprint template is confirmed. In particular embodiments, the user credentials released as a result of a match with a fingerprint template are not necessarily the same credentials provided by the user during the enrollment process. For example, the user credentials released after finding a matching fingerprint template may include an OTP (One Time Password) token, RSA signature and the like. The enrollment process can be initiated by a Web server, a Web browser plug-in, and the like.
The described systems and methods communicate user credentials to a specific address, location, or other recipient identifier. Thus, even if an imposter can gain access to the user credentials, the system will send those user credentials to a predetermined address or location, thereby preventing the imposter from attempting to have the user credentials sent to an alternate address or location. The address or location information is stored within the user credentials and is established as part of the enrollment process.

Particular embodiments of the systems and methods discussed herein use strong cryptographic algorithms implemented in hardware and/or software. Example cryptographic algorithms include AES (Advanced Encryption Standard) 256, SHA (Secure Hash Algorithm) 256 and RSA 2048. Example biometric sensors are compatible with various standards, such as OATH-OCRA (OATH Challenge/Response Algorithms), TOTP (Time-based One-time Password Algorithm), HOTP (HMAC-Based OTP Algorithm) and PKCS (Public Key Cryptography Standards) #11, RSA SecureID based OTP, and the like.
In a particular implementation, each biometric sensor has a unique identifier (ID) that is used to strengthen the level of security provided by the system or process. This unique ID provides an additional authentication factor representing "something you have". Since each biometric sensor has a unique ID, each user's biometric template and user credentials can be uniquely associated with a specific biometric sensor.

Specific implementations include a biometric sensor as part of a multi-component or multi-element authentication system. Particular embodiments may include one or more authentication factors, such as: 1. Something you are; 2. Something you have; and 3. Something you know.
The systems and methods described herein are useful in performing Web site authentication. In example embodiments, a Web site that supports the authentication procedures discussed herein includes an HTML (Hyper Text Markup Language) tag that identifies a Web browser plug-in (also referred to as a "biometric plug-in") that is installed on the user's computing device. This HTML tag indicates to the browser that the Web site supports biometric authentication. Other example embodiments include an extension of an existing Web browser plug-in. Further implementations may utilize a browser helper object, ActiveX control, Browser Extension, or other approaches. In particular implementations, the Web browser plug-in obtains the biometric sensor's unique ID and communicates that unique ID (or a hash of the unique ID) to a web server via HTTP or HTTPS.

When a user accesses the Web site, the Web browser plug-in is activated and detects that a biometric sensor is installed in the user's computing device. The Web site suggests that the user enroll with their biometric sensor to provide a more secure user authentication. If the user accepts, the Web browser plug-in activates the enrollment process to enroll the user. This enrollment process includes binding the Web site to the specific user. The Web site then generates a secret key and passes the secret key to the user's computing device via a secure connection between the Web site and the user's computing device. In a particular implementation, the "enrollment" process includes enrolling the user's fingerprint and generating a secret key.
If the user also wants to bind their computing device with Web site authentication, the Web browser plug-in sends the biometric sensor's ID to the Web site server or other device/system. Multiple embodiments store information in various formats and on various devices or components within a system. Example embodiments may utilize a hash of the shared secret, a hash of the biometric sensor ID, and the like. At this point, the user can select different factors for authentication. In a particular embodiment, the Web site may require stronger authentication when an important operation is being performed on the Web site, such as accessing a bank account or other sensitive data.
After a user has enrolled with a particular Web site that supports biometric authentication, subsequent visits to the same Web site cause the Web browser plug-in to detect that the user has already enrolled with the Web site. In this situation, the Web site prompts the user to perform user authentication (e.g., using the biometric device). In the case of a fingerprint sensor, the user swipes their finger across the fingerprint sensor or places their finger on the fingerprint sensor. If the fingerprint information matches a fingerprint template associated with the fingerprint sensor, the Web browser plug-in releases user secrets from the user credentials. In particular embodiments, the fingerprint sensor releases an OTP token or an RSA signature instead of plain text credentials. After the credentials are released, they are communicated to the Web site to complete the user authentication process. In specific implementations, the server may generate a random challenge and communicate that challenge to the client device. The Web browser plug-in (or the biometric sensor) uses this challenge to construct a response based on the secure key and the random challenge. The response may be a hash of the secure key, a hash of the random challenge, or any other calculation. The server validates the user credentials and authenticates the user if the validation is successful.
In particular implementations, the user performs the enrollment process for each Web site the user accesses that supports biometric authentication. Additionally, different user credentials are associated with each Web site with which the user enrolls. Thus, if the user enrolls with five different Web sites that support biometric authentication, the biometric sensor in the user's computing device stores five separate sets of user credentials, each of which is associated with one of the five different Web sites. Additionally, if different users access the same Web site, separate user credentials and separate biometric templates are maintained for each user.
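
The per-site enrollment, release-on-match and challenge-response steps described above, and the binding of credentials to a predetermined destination, sketched as an added example (not code from the patent). It assumes the response is HMAC-SHA256 over the challenge and the sensor-ID hash, uses byte equality as a stand-in for fingerprint matching, and uses hypothetical names (Sensor, WebSite, bank.example); it also shows why a hash of only the key or only the challenge does not prove possession of the secret for a fresh challenge.

```python
import hashlib
import hmac
import secrets

FINGER = b"constructed-template-bytes"  # constructed stand-in for a matching scan


def id_hash(sensor_id: bytes) -> bytes:
    """Hash of the sensor's unique ID, the form sent to the web server."""
    return hashlib.sha256(sensor_id).digest()


def mac(secret: bytes, challenge: bytes, sid_hash: bytes) -> bytes:
    """Assumed response: HMAC-SHA256 under the site secret over challenge + ID hash."""
    return hmac.new(secret, challenge + sid_hash, hashlib.sha256).digest()


class Sensor:
    """Client side: one secret per enrolled site, used only after a match."""

    def __init__(self, sensor_id: bytes, template: bytes):
        self.sensor_id = sensor_id
        self._template = template  # real matching is fuzzy; equality is a stand-in
        self._vault = {}           # origin -> secret (separate record per Web site)

    def enroll(self, origin: str, secret: bytes) -> bytes:
        self._vault[origin] = secret  # destination is fixed at enrollment
        return id_hash(self.sensor_id)

    def respond(self, origin: str, challenge: bytes, scan: bytes):
        if not hmac.compare_digest(scan, self._template):
            return None               # no match: nothing is released
        secret = self._vault.get(origin)
        if secret is None:
            return None               # origin was never enrolled: refuse
        return mac(secret, challenge, id_hash(self.sensor_id))


class WebSite:
    """Server side: issues single-use challenges and validates responses."""

    def __init__(self, origin: str):
        self.origin = origin
        self._users = {}    # user -> (secret, sensor ID hash)
        self._pending = {}  # user -> outstanding challenge

    def enroll(self, user: str, sensor: Sensor) -> None:
        secret = secrets.token_bytes(32)  # the site generates the secret key
        self._users[user] = (secret, sensor.enroll(self.origin, secret))

    def challenge(self, user: str) -> bytes:
        self._pending[user] = secrets.token_bytes(32)
        return self._pending[user]

    def verify(self, user: str, response) -> bool:
        challenge = self._pending.pop(user, None)  # consumed even on failure
        if challenge is None or response is None or user not in self._users:
            return False
        secret, sid_hash = self._users[user]
        return hmac.compare_digest(mac(secret, challenge, sid_hash), response)


def weak_constructions() -> tuple:
    """Compare key-only and challenge-only hashes with the keyed MAC."""
    k1, k2 = secrets.token_bytes(32), secrets.token_bytes(32)
    c1, c2 = secrets.token_bytes(32), secrets.token_bytes(32)
    key_only = lambda key, ch: hashlib.sha256(key).digest()
    challenge_only = lambda key, ch: hashlib.sha256(ch).digest()
    replayable = key_only(k1, c1) == key_only(k1, c2)           # same answer every time
    keyless = challenge_only(k1, c1) == challenge_only(k2, c1)  # needs no secret at all
    keyed = mac(k1, c1, b"") != mac(k1, c2, b"") and mac(k1, c1, b"") != mac(k2, c1, b"")
    return replayable, keyless, keyed


def demo() -> dict:
    site = WebSite("https://bank.example")
    sensor = Sensor(b"SN-0001", FINGER)  # constructed serial number
    site.enroll("alice", sensor)
    out = {}
    resp = sensor.respond(site.origin, site.challenge("alice"), FINGER)
    out["valid"] = site.verify("alice", resp)
    out["replay"] = site.verify("alice", resp)  # challenge already consumed
    out["wrong_finger"] = site.verify(
        "alice", sensor.respond(site.origin, site.challenge("alice"), b"other"))
    out["unenrolled_origin"] = sensor.respond(
        "https://lookalike.example", site.challenge("alice"), FINGER) is None
    other = Sensor(b"SN-0002", FINGER)  # same secret on different hardware
    other.enroll(site.origin, site._users["alice"][0])
    out["other_sensor"] = site.verify(
        "alice", other.respond(site.origin, site.challenge("alice"), FINGER))
    return out


if __name__ == "__main__":
    print(demo(), weak_constructions())
```
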
Particular embodiments of the Web browser plug-in support WBF (Windows Biometric Framework), thereby supporting any biometric device that supports the WBF interface. The Web browser plug-in also supports the Application Programming Interface specified by the BioAPI Consortium.

In alternate embodiments, the systems and methods determine that a Web site supports biometric authentication by providing a service or process that monitors Web site data and detects certain types of transactions on secure web sites. When a secure transaction is initiated, the systems and methods check the computing device accessing the Web site to determine if the computing device includes a fingerprint sensor or other biometric device. If so, an enrollment and/or authentication process is activated to offer an enhanced level of security to the user, as described herein.
FIG. 1 shows an example system 100 capable of performing biometric user enrollment and authentication via a biometric sensor 104 (such as a fingerprint sensor or other biometric device). In this example, a biometric service 110 executes on a host PC 102 and communicates with one or more applications 112 that may request user authentication. Example applications include Internet browser applications, financial applications, and the like. In a particular embodiment, the validity biometric service uses a Windows API (e.g., a WinUSB Driver) 108 to encrypt a fingerprint template database with system account credentials. In alternate embodiments, any type of API or similar interface may be used in place of Windows API 108. Biometric sensor 104 has a unique 128 bit encryption key and a unique identifier (e.g., serial number). The enrolled credentials of a user are encrypted with the encryption key and stored in a storage device, such as secure storage 106. In a particular embodiment, biometric service 110 is implemented as a service application running in a local system account.
In a particular embodiment, application 112 is an Internet browser application executing on host PC 102 and communicating with various web servers via the Internet. Application 112 includes a browser extension or browser plug-in that communicates with biometric service 110. In one implementation, biometric service 110 is a secure application executing in a background mode on host PC 102. Thus, biometric service 110 provides a communication interface to biometric sensor 104. The browser extension (or browser plug-in) associated with application 112 is capable of communicating transaction details, random challenges, signature information, user information, and other data to biometric service 110. Biometric service 110 also communicates with one or more web servers as part of the user enrollment and/or user authentication procedure.

FIG. 2 shows another example system 200 capable of performing biometric user enrollment and authentication via a biometric sensor 204. System 200 includes a host PC 202, a WinUSB driver 210, a biometric service 212 and an application 214 similar to the components discussed above with respect to FIG. 1. In the example of FIG. 2, the biometric sensor decrypts the user credentials only after a successful biometric reading, such as a fingerprint swipe or fingerprint scan (using a placement style fingerp