(19) United States
(12) Patent Application Publication
(10) Pub. No.: US 2007/0245157 A1
(43) Pub. Date: Oct. 18, 2007
Giobbi et al.

(54) TWO-LEVEL AUTHENTICATION FOR SECURE TRANSACTIONS

(76) Inventors: John J. Giobbi, Bend, OR (US); David L. Brown, Jupiter, FL (US); Fred S. Hirt, Brookfield, IL (US)

Correspondence Address:
FENWICK & WEST LLP
SILICON VALLEY CENTER
801 CALIFORNIA STREET
MOUNTAIN VIEW, CA 94041 (US)

(21) Appl. No.: 11/744,831

(22) Filed: May 5, 2007

Related U.S. Application Data

(63) Continuation-in-part of application No. 11/292,330, filed on Nov. 30, 2005.

(60) Provisional application No. 60/798,172, filed on May 5, 2006. Provisional application No. 60/798,843, filed on May 8, 2006. Provisional application No. 60/838,788, filed on Aug. 17, 2006. Provisional application No. 60/824,758, filed on Sep. 6, 2006. Provisional application No. 60/894,608, filed on Mar. 13, 2007.

Publication Classification

(51) Int. Cl.
H04L 9/00 (2006.01)
(52) U.S. Cl. 713/186

(57) ABSTRACT

A system and method provide efficient, secure, and highly reliable authentication for transaction processing and/or access control applications. A Personal Digital Key stores one or more profiles (e.g., a biometric profile) in a tamper-proof memory that is acquired in a secure trusted process. Biometric profiles comprise a representation of physical or behavioral characteristics that are uniquely associated with an individual that owns and carries the PDK. The PDK wirelessly transmits the biometric profile over a secure wireless transaction to a Reader for use in a biometric authentication process. The Reader compares the received biometric profile to a biometric input acquired at the point of transaction in order to determine if the transaction should be authorized.

[Representative figure on the front page (FIG. 4 flowchart): establish communication between RDC and PDK within range (402); perform device authentication; if the devices are valid, perform profile authentication; if the profile(s) are valid, complete the transaction, otherwise the transaction is not authorized.]

MICROSOFT 1005


Patent Application Publication Oct. 18, 2007 Sheet 1 of 8 US 2007/0245157 A1

[FIG. 1: block diagram of system 100. Labels recoverable from the rotated drawing text: PDK 102, biometric input 104, Reader 108, validation database 112, Central Registry 114, private registry 116.]

Patent Application Publication Oct. 18, 2007 Sheet 2 of 8 US 2007/0245157 A1

[FIG. 2: block diagram of a PDK. Labels recoverable from the rotated drawing text: memory (210), profile(s) 220, profile history (222), profile data (230), programmer I/O, transceiver.]


Patent Application Publication Oct. 18, 2007 Sheet 3 of 8 US 2007/0245157 A1

[FIG. 3: block diagram of a Reader. Labels recoverable from the rotated drawing text: biometric reader, terminal I/O, control, status I/O, registry/network interface, credit card/debit card reader, databases, network, reference numeral 310.]


Patent Application Publication Oct. 18, 2007 Sheet 4 of 8 US 2007/0245157 A1

FIG. 4 (flowchart):
402  Establish communication between RDC and PDK within range
404  Perform device authentication
     Devices valid?  No -> Transaction not authorized
408  Buffer PDK information in RDC
     Profile authentication required?  No -> Complete transaction
     Perform profile authentication
     Profile(s) valid?  No -> Transaction not authorized
     Yes -> Complete transaction


Patent Application Publication Oct. 18, 2007 Sheet 5 of 8 US 2007/0245157 A1

FIG. 5 (flowchart; reference numerals 502, 504 and 506 are legible):
     Analyze PDK information at RDC
     Analyze RDC information at PDK
     PDK & RDC valid?  No -> Devices invalid


Patent Application Publication Oct. 18, 2007 Sheet 6 of 8 US 2007/0245157 A1

FIG. 6 (flowchart):
602  Establish secure communication channel with PDK
604  Transmit profile authentication request(s) to PDK
608  Trigger required?  Yes -> Monitor inputs (610, 612)
614  Perform profile test(s)


Patent Application Publication Oct. 18, 2007 Sheet 7 of 8 US 2007/0245157 A1

[FIGS. 7A and 7B (flowcharts, rotated in the scan). Steps recoverable from the drawing text: biometric authentication requested? (702); scan biometric; receive bio-sample from PDK; sample matches? (No -> not authenticated); receive full biometric profile. PIN authentication requested?; acquire PIN from user; receive PIN sample from PDK; sample matches? (No -> not authenticated); receive full PIN.]


Patent Application Publication Oct. 18, 2007 Sheet 8 of 8 US 2007/0245157 A1

[FIGS. 7C and 7D (flowcharts, rotated in the scan). Steps recoverable from the drawing text: receive picture profile from PDK; display picture on screen; confirm/deny identity; identity confirmed? (valid / not valid). Registry authentication: establish secure communication channel with registry; transmit PDK info to registry; receive response from registry; PDK valid? (valid / not valid).]


US 2007/0245157 A1
Oct. 18, 2007

TWO-LEVEL AUTHENTICATION FOR SECURE TRANSACTIONS

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] The present application claims priority under 35 U.S.C. § 120 as a continuation-in-part of pending U.S. patent application Ser. No. 11/292,330 entitled “Personal Digital Key And Receiver/Decoder Circuit System And Method,” filed on Nov. 30, 2005, the entire contents of which are hereby incorporated by reference.

[0002] The present application claims the benefit of priority under 35 U.S.C. § 119(e) of U.S. Provisional Application No. 60/798,172 entitled “Touch Pay” filed on May 5, 2006; U.S. Provisional Application No. 60/798,843 entitled “Touch Pay” filed on May 8, 2006; U.S. Provisional Application No. 60/838,788 entitled “Personal Digital Key Accessible Storage Device and Processor” filed on Aug. 17, 2006; U.S. Provisional Application No. 60/824,758 entitled “Truprox Touch Technology” filed on Sep. 6, 2006; and U.S. Provisional Application No. 60/894,608 entitled “TruProx Stored-Photo Extension” filed on Mar. 13, 2007, the entire contents of which are all herein incorporated by reference.

BACKGROUND

[0003] 1. Field of Art

[0004] The invention generally relates to electronic authentication, and more specifically, to secure authentication using biometric verification.

[0005] 2. Description of the Related Art

[0006] Optimizing sales transactions and providing secure access to physical and/or digital assets are challenges faced by many businesses and organizations. Ensuring these processes are safe, efficient and simple is important to merchants, providers, users and consumers alike. Conventionally, technologies such as magnetic cards (e.g., credit cards, debit cards, ATM cards, and employee badges) have been used in an attempt to address these needs. More recently, various contactless cards or tokens requiring placement near compatible readers have been used.

[0007] Each of these technologies, however, has inherent problems in providing secure transaction processing and access control. In particular, the conventional technologies fail to sufficiently ensure that individuals attempting to perform a transaction are associated with the access device and are authorized to do so. Conventional attempts to address this issue include requiring users to provide Personal Identification Numbers (PINs) or passwords in conjunction with account numbers. While in some instances these options have helped to combat fraudulent activity, these solutions add unwanted complexity and delay to transactions. With the growing need to memorize various PINs and passwords, individuals tend to repeatedly use the same, simple phrase to protect many items, or worse, keep the written phrases in their purse/wallet or next to their computer. Thus, the use of PINs and passwords is often defeated.

[0008] A technology better suited to address the issue of authenticating users is biometrics. In biometric authentication, physical and/or behavioral characteristics of an individual are analyzed to uniquely identify the individual. For example, biometric characteristics can include fingerprint, retinal, iris, face, palm, DNA, voice or signature characteristics that can each be uniquely associated with the individual. However, traditional biometric authentication solutions also suffer from significant problems. First, traditional biometric authentication techniques typically expose the participating parties to serious liabilities, risks and inefficiencies. Conventional biometric authentication techniques nearly always require users to release personal, private and unchangeable data to a controlling entity (e.g., a merchant or business authority) or to a third party relied upon by the controlling entity. This exposes an individual’s personal biometric information to the possibility of theft and fraudulent use. Further, controlling entities must either assume the risks and liabilities of storing this data, or trust the data to a third party’s care.

[0009] Second, conventional biometric authentication techniques generally require an individual to submit biometric information (e.g., a fingerprint, retinal scan, facial scan, or signature) for storage in a database that can then be later used for comparison with biometric data acquired at the point of transaction. This “enrollment” process is time-consuming, risky, error-prone and considered intrusive by many individuals. Further, the enrollment process must be repeated for each individual for every intended use. For example, a user may need to enroll for biometric authentication with his/her company (e.g., for secure access to facilities or digital files), and separately enroll with various merchants using biometric authentication for transactions. Thus, the individual has to spend significant time completing each separate enrollment, and additionally must trust each entity with his/her personal biometric information. For these reasons alone many individuals do not even consider these options.

[0010] The above-defined issues represent serious roadblocks to the widespread deployment and acceptance of conventional biometric authentication options. Unless the identified deficiencies are addressed, the full potential of biometric solutions will never be realized. Therefore, a new technology is needed that provides highly reliable, safe and efficient secure authentication for transaction processing and/or access control. Moreover, the new technology should allow for a simple and efficient enrollment process that does not put an individual’s highly personal information at risk of identity theft or other fraudulent use.

SUMMARY

[0011] A system and method provide efficient, secure and highly reliable authentication for transaction processing and/or access control applications. A portable physical device, referred to herein as a Personal Digital Key or “PDK”, stores one or more profiles (e.g., a biometric profile) in a tamper-proof memory. The biometric profile is acquired in a secure trusted process and is uniquely associated with an individual that is authorized to use and is associated with the PDK. The PDK can wirelessly transmit the identification information including a unique PDK identification number and the biometric profile over a secure wireless channel for use in an authentication process. Additionally, the PDK can store other information such as credit/debit card information, bank information, or personal information in a memory for use in authorizing or completing a transaction.

[0012] Typically, a receiving device, referred to herein as a Reader, wirelessly receives the profile from the PDK in order to process a transaction or provide access to secure digital or physical assets. In one embodiment, the Reader acquires a biometric input from the individual carrying the PDK at the point of transaction. The biometric input can be acquired by, for example, a fingerprint scan, iris scan, retinal scan, palm scan, face scan, DNA analysis, signature analysis, voice analysis or any other input mechanism that provides physical or behavioral characteristics uniquely associated with the individual. The Reader compares the biometric profile received from the PDK to the biometric input obtained at the point of transaction to determine if a transaction should be authorized.

[0013] In one embodiment, the Reader is further adapted to communicate with one or more remote registries to provide an additional layer of security in the authentication process. Information transmitted from the PDK can be compared to entries stored in the registries to ensure the PDK (and its owner) have not participated in any fraudulent use and that the PDK is not invalid, lost or stolen. In yet another embodiment, one or more biometric authentications, remote registry authentications or other types of authentication are used in combination.

[0014] The features and advantages described in the specification are not all inclusive and in particular, many additional features and advantages will be apparent to one of ordinary skill in the art in view of the drawings, specification and claims. Moreover, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes, and may not have been selected to delineate or circumscribe the inventive subject matter.

BRIEF DESCRIPTION OF THE FIGURES

[0015] FIG. 1 is a high level block diagram illustrating a system for secure electronic authentication.

[0016] FIG. 2 is a block diagram illustrating one embodiment of a Personal Digital Key (PDK).

[0017] FIG. 3 is a block diagram illustrating one embodiment of a Reader.

[0018] FIG. 4 is a flowchart illustrating one embodiment of a process for authorizing a transaction using secure authentication.

[0019] FIG. 5 is a flowchart illustrating one embodiment of a process for device authentication by a Reader.

[0020] FIG. 6 is a flowchart illustrating one embodiment of a process for profile authentication by a Reader.

[0021] FIG. 7A is a flowchart illustrating one embodiment of a process for profile testing using a biometric input.

[0022] FIG. 7B is a flowchart illustrating one embodiment of a process for profile testing using a personal identification number.

[0023] FIG. 7C is a flowchart illustrating one embodiment of a process for profile testing using a picture profile.

[0024] FIG. 7D is a flowchart illustrating one embodiment of a process for profile testing using a private or central registry.

[0025] The figures depict various embodiments of the present invention for purposes of illustration only. One skilled in the art will readily recognize from the following discussion that alternative embodiments of the structures and methods illustrated herein may be employed without departing from the principles of the invention described herein.

DETAILED DESCRIPTION

[0026] FIG. 1 is a high level block diagram illustrating a system for securely authenticating an individual for transaction-processing and/or access control applications. The system 100 comprises a Personal Digital Key (PDK) 102, a Reader 108, a network 110 and one or more external databases including a validation database 112, a Central Registry 114 and one or more private registries 116. The Reader 108 is coupled to the PDK 102 by a wireless link 106 and coupled to a network 110 by either a wired or wireless link. The Reader 108 is also adapted to receive a biometric input 104 from a user and is capable of displaying status to a user. The network 110 couples the validation database 112, the Central Registry 114 and two private registries 116 to the Reader 108. In alternative embodiments, different or additional external registries or databases may be coupled to the network 110. In another embodiment, the Reader 108 operates as a standalone device without a connection to the network 110.

[0027] The system 100 addresses applications where it is important to ensure a specific individual is authorized to perform a given transaction. A transaction as used herein can include executing a purchase or financial dealing, enabling access to physical and/or digital items, verifying identification or personal information or executing other tasks where it is important to authenticate an individual for use. Generally, the Reader 108 wirelessly receives information stored in the PDK 102 that uniquely identifies the PDK 102 and the individual carrying the PDK 102. The Reader 108 can also receive a biometric input 104 from the individual. Based on the received information, the Reader 108 determines if the transaction should be authorized. Beneficially, the system 100 provides comprehensive authentication without the need for PINs or passwords. Moreover, personal biometric information need not be stored in any local or remote storage database and is only stored on the user’s own PDK. Furthermore, in one embodiment, purchase transactions can be efficiently completed without requiring the use of physical credit cards, tokens or other user action beyond initiating the transaction.

[0028] The credibility of the system 100 is ensured by the use of a PDK 102 that stores trusted information. The PDK 102 is a compact, portable, uniquely identifiable wireless device typically carried by an individual. The PDK 102 stores digital information in a tamper-proof format that uniquely associates the PDK 102 with an individual. Example embodiments of PDKs are described in more detail in U.S. patent application Ser. No. 11/292,330, entitled “Personal Digital Key And Receiver/Decoder Circuit System And Method” filed on Nov. 30, 2005; U.S. patent application Ser. No. 11/620,581 entitled “Wireless Network Synchronization Of Cells And Client Devices On A Network” filed on Jan. 5, 2007; and U.S. patent application Ser. No. 11/620,577 entitled “Dynamic Real-Time Tiered Client Access” filed on Jan. 5, 2007, the entire contents of which are all incorporated herein by reference.

[0029] To establish the trust, credibility and confidence of the authentication system, information stored in the PDK 102 is acquired by a process that is trusted, audited and easily verified. The process is ensured by a trusted third-party system, referred to herein as a Notary, that administers the acquisition and storage of information in the PDK 102 according to defined security protocols. In one embodiment, the Notary is a system and/or a trusted individual that witnesses the acquisition and storage either in person or remotely. In another embodiment, the Notary comprises trusted hardware that administers the initialization process by an automated system. Thus, once initialized by the trusted process, the PDK 102 can prove that the information it stores is that of the individual. Example embodiments of the initialization process are described in U.S. patent application Ser. No. __/ (Attorney Docket No. 25000-12784) to John Giobbi, et al., entitled “Personal Digital Key Initialization and Registration For Secure Transaction” filed on , the entire contents of which are incorporated herein by reference.

[0030] The Reader 108 wirelessly communicates with the PDK 102 when the PDK 102 is within a proximity zone of the Reader 108. The proximity zone can be, for example, several meters in radius and can be adjusted dynamically by the Reader 108. Thus, in contrast to many conventional RFID devices, the Reader 108 can detect and communicate with the PDK 102 without requiring the owner to remove the PDK 102 from his/her pocket, wallet, purse, etc. Generally, the Reader 108 receives uniquely identifying information from the PDK 102 and initiates an authentication process for the individual carrying the PDK 102. In one embodiment, the Reader 108 is adapted to receive a biometric input 104 from the individual. The biometric input 104 comprises a representation of physical or behavioral characteristics unique to the individual. For example, the biometric input 104 can include a fingerprint, a palm print, a retinal scan, an iris scan, a photograph, a signature, a voice sample or any other biometric information such as DNA, RNA or their derivatives that can uniquely identify the individual. The Reader 108 compares the biometric input 104 to information received from the PDK 102 to determine if a transaction should be authorized. Alternatively, the biometric input 104 can be obtained by a biometric reader on the PDK 102 and transmitted to the Reader 108 for authentication. In an additional alternative embodiment, some or all of the authentication process can be performed by the PDK 102 instead of the Reader 108.

[0031] The Reader 108 is further communicatively coupled to the network 110 in order to receive and/or transmit information to remote databases for remote authentication. In an alternative embodiment, the Reader 108 includes a non-volatile data storage that can be synchronized with one or more remote databases 112 or registries 114-116. Such an embodiment alleviates the need for a continuous connection to the network 110 and allows the Reader 108 to operate in a standalone mode and for the local data storage to be updated when a connection is available. For example, a standalone Reader 108 can periodically download updated registry entries and perform authentication locally without any remote lookup.

[0032] The network 110 provides communication between the Reader 108 and the validation database 112, Central Registry 114 and one or more private registries 116. In alternative embodiments, one or more of these connections may not be present or different or additional network connections may be present. In one embodiment, the network 110 uses standard communications technologies and/or protocols. Thus, the network 110 can include links using technologies such as Ethernet, 802.11, 802.16, integrated services digital network (ISDN), digital subscriber line (DSL), asynchronous transfer mode (ATM), etc. Similarly, the networking protocols used on the network 110 can include the transmission control protocol/Internet protocol (TCP/IP), the hypertext transport protocol (HTTP), the simple mail transfer protocol (SMTP), the file transfer protocol (FTP), etc. The data exchanged over the network 110 can be represented using technologies and/or formats including the hypertext markup language (HTML), the extensible markup language (XML), etc. In addition, all or some of the links can be encrypted using conventional encryption technologies such as the secure sockets layer (SSL), Secure HTTP and/or virtual private networks (VPNs). In another embodiment, the entities can use custom and/or dedicated data communications technologies instead of, or in addition to, the ones described above.

[0033] The validation database 112 stores additional information that may be used for authorizing a transaction to be processed at the Reader 108. For example, in purchase transactions, the validation database 112 is a credit card validation database that is separate from the merchant providing the sale. Alternatively, a different database may be used to validate different types of purchasing means such as a debit card, ATM card, or bank account number.

[0034] The registries 114-116 are securely-accessible databases coupled to the network 110 that store, among other items, PDK, Notary, and Reader information. In one embodiment, the registries 114-116 do not store biometric information. In an alternative embodiment, a registry stores biometric information in an encoded format that can only be recovered using an algorithm or encoding key stored in the PDK 102. Information stored in the registries can be accessed by the Reader 108 via the network 110 for use in the authentication process. There are two basic types of registries illustrated: private registries 116 and the Central Registry 114. Private registries 116 are generally established and administered by their controlling entities (e.g., a merchant, business authority, or other entity administering authentication). Private registries 116 can be custom configured to meet the specialized and independent needs of each controlling entity. The Central Registry 114 is a single highly-secured, centrally-located database administered by a trusted third-party organization. In one embodiment, all PDKs 102 are registered with the Central Registry 114 and may be optionally registered with one or more selected private registries 116. In alternative embodiments, a different number or different types of registries may be coupled to the network 110.

[0035] Turning now to FIG. 2, an example embodiment of a PDK 102 is illustrated. The PDK 102 comprises a memory 210, a programmer I/O 240, control logic 250, and a transceiver 260, coupled by a bus 270. The PDK 102 can be standalone as a portable, physical device or can be integrated into commonly carried items. For example, a PDK 102 can be integrated into a portable electronic device such as a cell phone, Personal Digital Assistant (PDA), or GPS unit, an employee identification tag, clothing, or jewelry items such as watches, rings, necklaces or bracelets. In one embodiment, the PDK 102 can be, for example, about the size of a Subscriber Identity Module (SIM) card and be as small as a square inch in area or less. In another embodiment, the PDK 102 can be easily contained in a pocket, on a keychain, or in a wallet.

[0036] The memory 210 can be a read-only memory, a once-programmable memory, a read/write memory or any combination of memory types including physical access secured and tamperproof memories. The memory 210 typically stores a unique PDK ID 212 and one or more profiles 220. The PDK ID 212 comprises a public section and a private section of information, each of which can be used for identification and authentication. In one embodiment, the PDK ID 212 is stored in a read-only format that cannot be changed subsequent to manufacture. The PDK ID 212 is used as an identifying feature of a PDK 102 and distinguishes between PDKs 102 in private 116 or Central 114 registry entries. In an alternative embodiment, the registries can identify a PDK 102 by a different ID than the PDK ID 212 stored in the PDK 102, or may use both the PDK ID 212 and the different ID in conjunction. The PDK ID 212 can also be used in basic PDK authentication to ensure that the PDK 102 is a valid device.

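The device-authentication level described in [0031], [0034] and [0036] and shown in FIGS. 4 and 5 can be modelled compactly. The following is an added example and not code from the patent or its applicants; everything in it beyond the patent's own terms is an assumption: that the private section of the PDK ID 212 is a secret shared with the Central Registry and proven by an HMAC challenge-response (the patent does not say how the private section is used), that only the RDC-side check of FIG. 5 is modelled (the PDK's check of the RDC is omitted), and that a standalone Reader caches a registry snapshot and refuses to authenticate once that snapshot is older than a fixed age. The scenario in `demo()` is constructed and shows the practical caveat of [0031]: a cached registry keeps accepting a PDK reported stolen until the Reader re-syncs.

```python
# Added example, not part of the patent: toy model of the device-authentication
# level (FIG. 4 step 404, FIG. 5) using the registries of [0034] and the
# two-part PDK ID of [0036]. All keys, ids and policies below are assumptions.
import hashlib
import hmac
import os
import time
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass
class RegistryEntry:
    public_id: str      # public section of PDK ID 212: identifies the device
    private_key: bytes  # private section (assumed shared secret, never sent in clear)
    status: str         # "valid", or "lost" / "stolen" / "fraud" per [0013]


class CentralRegistry:
    """Toy Central Registry 114: one row per registered PDK."""

    def __init__(self) -> None:
        self.entries: Dict[str, RegistryEntry] = {}

    def register(self, entry: RegistryEntry) -> None:
        self.entries[entry.public_id] = entry

    def flag(self, public_id: str, status: str) -> None:
        """Mark a PDK as lost, stolen or involved in fraudulent use."""
        self.entries[public_id].status = status

    def snapshot(self) -> Tuple[Dict[str, RegistryEntry], float]:
        """Copy of the table for a standalone Reader to cache ([0031])."""
        copy = {k: RegistryEntry(e.public_id, e.private_key, e.status)
                for k, e in self.entries.items()}
        return copy, time.time()


class PDK:
    """Toy PDK: proves it holds the private section without transmitting it."""

    def __init__(self, public_id: str, private_key: bytes) -> None:
        self.public_id = public_id
        self._private_key = private_key

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._private_key, challenge, hashlib.sha256).digest()


class Reader:
    """Toy Reader 108 operating from a cached registry snapshot."""

    MAX_SNAPSHOT_AGE = 24 * 3600  # assumed policy: a cache older than a day is refused

    def __init__(self, registry: CentralRegistry) -> None:
        self.registry = registry
        self.cache, self.synced_at = registry.snapshot()

    def sync(self) -> None:
        """Refresh the cache when a network connection is available."""
        self.cache, self.synced_at = self.registry.snapshot()

    def authenticate_device(self, pdk: PDK, now: Optional[float] = None) -> Tuple[bool, str]:
        now = time.time() if now is None else now
        if now - self.synced_at > self.MAX_SNAPSHOT_AGE:
            return False, "registry cache stale"
        entry = self.cache.get(pdk.public_id)
        if entry is None:
            return False, "unknown PDK"
        if entry.status != "valid":
            return False, f"PDK flagged {entry.status}"
        # FIG. 5 "analyze PDK information at RDC": fresh random challenge and a
        # constant-time comparison of the response against the registry copy.
        challenge = os.urandom(16)
        expected = hmac.new(entry.private_key, challenge, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, pdk.respond(challenge)):
            return False, "challenge-response failed"
        return True, "device authenticated"


def demo() -> list:
    """Constructed scenario: a genuine PDK, a device that lacks the private
    section, then the PDK reported stolen before and after the Reader re-syncs."""
    registry = CentralRegistry()
    key = os.urandom(32)
    registry.register(RegistryEntry("PDK-0001", key, "valid"))
    reader = Reader(registry)
    genuine = PDK("PDK-0001", key)
    no_secret = PDK("PDK-0001", b"not the private section")
    results = [reader.authenticate_device(genuine),
               reader.authenticate_device(no_secret)]
    registry.flag("PDK-0001", "stolen")
    results.append(reader.authenticate_device(genuine))   # stale cache still accepts
    reader.sync()
    results.append(reader.authenticate_device(genuine))   # rejected after sync
    results.append(reader.authenticate_device(genuine, now=reader.synced_at + 2 * 86400))
    return results
```

Running `demo()` returns five (ok, reason) pairs: accepted, rejected for a failed challenge-response, still accepted from the stale cache, rejected as stolen after `sync()`, and rejected because the cache has aged past the policy limit. The third result is the point to take from [0031]: the revocation latency of a standalone Reader equals its synchronization interval, so that interval is a security parameter, not only an availability one.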
[0037] The profile fields 220 can be initially empty at the time of manufacture but can be written to by authorized individuals (e.g., a Notary) and/or hardware (e.g., a Programmer). In one embodiment, each profile 220 comprises a profile history 222 and profile data 230. Many different types of profiles 220 are possible. A biometric profile, for example, includes profile data 230 representing physical and/or behavioral information that can uniquely identify the PDK owner. A PDK 102 can store multiple biometric profiles, each comprising a different type of biometric information. In one embodiment, the biometric profile 220 comprises biometric information transformed by a mathematical operation, algorithm, or hash that represents the complete biometric information (e.g., a complete fingerprint scan). In one embodiment, a mathematical hash is a “one-way” operation such that there is no practical way to re-compute or recover the complete biometric information from the biometric profile. This both reduces the amount of data to be stored and adds an additional layer of protection to the user’s personal biometric information. In one embodiment, the biometric profile is further encoded using an encoding key and/or algorithm that is stored with the biometric profile data. Then, for authentication, both the biometric profile data and the encoding key and/or algorithm are passed to the Reader 108.

[0038] In one embodiment the PDK 102 also stores one or more biometric profile “samples” associated with each biometric profile. The biometric profile sample is a subset of the complete profile that can be used for quick comparisons of biometric data. In one embodiment, the profile samples can be transmitted over a public communication channel or transmitted with a reduced level of encryption while the full biometric profiles are only transmitted over secure channels. In the case of fingerprint authentication, for example, the biometric profile sample may represent only a small portion of the area of the full fingerprint image. In another embodiment, the fingerprint profile sample is data that describes an arc of one or more lines of the fingerprint. In yet another embodiment, the fingerprint profile sample can be data representing color information of the fingerprint.

[0039] In another embodiment, the stored profiles 220 include a PIN profile that stores one or more PINs or passwords associated with the PDK owner. Here, the number or password stored in the PIN profile can be compared against an input provided by the user at the point of transaction to authenticate the user. In one embodiment, a PIN profile sample is also stored with the PIN profile that comprises a subset of the full PIN. For example, a PIN profile sample can be only the first two numbers of the PIN that can be used to quickly compare the stored PIN profile to a PIN obtained at the point of transaction.

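The profile-authentication level of [0037], [0038] and [0039] (FIGS. 7A and 7B) combines three ideas: a one-way transform of the biometric data keyed by an encoding key that travels with the profile, a short "sample" that is checked first over a less protected channel, and the same pattern for a PIN. The block below is an added example, not code from the patent or its applicants, and it rests on assumptions the patent does not make: biometric capture is taken to yield a deterministic, ordered list of quantized feature points (real fingerprint matching is fuzzy and needs a template-protection scheme rather than a plain hash, which is out of scope here), the encoding key is treated as an HMAC key, and the sample is defined as the keyed hash of the first three feature points or of the first two PIN digits. The feature points and PIN in `demo()` are constructed.

```python
# Added example, not part of the patent: toy model of profile authentication
# ([0037]-[0039], FIGS. 7A/7B). Feature lists, keys, sample length and the PIN
# are all assumptions or constructed values.
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple


def _mac(key: bytes, data: bytes) -> bytes:
    """Keyed one-way transform standing in for the 'hash + encoding key' of [0037]."""
    return hmac.new(key, data, hashlib.sha256).digest()


def encode_features(features: List[Tuple[int, int]]) -> bytes:
    """Canonical byte encoding of quantized feature points (assumed capture output)."""
    return b"".join(x.to_bytes(2, "big") + y.to_bytes(2, "big") for x, y in features)


class Profile:
    """One profile 220: keyed digest of the full data plus a digest of a sample."""

    SAMPLE_LEN = 3  # assumed: leading feature points that make up the sample ([0038])

    def __init__(self, kind: str, key: bytes, full: bytes, sample: bytes) -> None:
        self.kind, self.key, self.full, self.sample = kind, key, full, sample

    @classmethod
    def biometric(cls, features: List[Tuple[int, int]], key: Optional[bytes] = None) -> "Profile":
        key = key or os.urandom(32)  # encoding key stored with the profile data
        return cls("biometric", key,
                   _mac(key, encode_features(features)),
                   _mac(key, encode_features(features[:cls.SAMPLE_LEN])))

    @classmethod
    def pin(cls, pin: str, key: Optional[bytes] = None) -> "Profile":
        key = key or os.urandom(32)
        # sample = first two digits of the PIN ([0039]); stored keyed, like the rest
        return cls("pin", key, _mac(key, pin.encode()), _mac(key, pin[:2].encode()))


class PDK:
    """Toy PDK: the raw biometric never leaves it, only keyed digests do."""

    def __init__(self, profiles: List[Profile]) -> None:
        self.profiles: Dict[str, Profile] = {p.kind: p for p in profiles}

    def send_sample(self, kind: str) -> Tuple[bytes, bytes]:
        """Public channel ([0038]): encoding key and sample digest only."""
        p = self.profiles[kind]
        return p.key, p.sample

    def send_full(self, kind: str) -> bytes:
        """Secure channel: full profile digest."""
        return self.profiles[kind].full


def _digests_of_live_input(kind: str, key: bytes, live) -> Tuple[bytes, bytes]:
    """Reader recomputes (sample, full) from the input captured at the point of transaction."""
    if kind == "biometric":
        return (_mac(key, encode_features(live[:Profile.SAMPLE_LEN])),
                _mac(key, encode_features(live)))
    return _mac(key, live[:2].encode()), _mac(key, live.encode())


def authenticate_profile(pdk: PDK, kind: str, live) -> Tuple[bool, str]:
    """Reader side of FIG. 7A/7B: quick sample check, then full-profile check."""
    key, sample = pdk.send_sample(kind)                 # "receive sample from PDK"
    live_sample, live_full = _digests_of_live_input(kind, key, live)
    if not hmac.compare_digest(sample, live_sample):
        return False, "sample mismatch"                 # early reject, no secure channel needed
    full = pdk.send_full(kind)                          # "receive full profile"
    if not hmac.compare_digest(full, live_full):
        return False, "full profile mismatch"           # the sample alone never authenticates
    return True, f"{kind} profile valid"


def demo() -> list:
    """Constructed inputs: five quantized feature points and a four-digit PIN."""
    minutiae = [(12, 40), (55, 71), (90, 13), (103, 88), (130, 20)]
    pdk = PDK([Profile.biometric(minutiae), Profile.pin("4812")])
    return [
        authenticate_profile(pdk, "biometric", minutiae),                   # genuine capture
        authenticate_profile(pdk, "biometric", [(99, 99)] + minutiae[1:]),  # first point differs
        authenticate_profile(pdk, "biometric", minutiae[:-1] + [(1, 1)]),   # sample ok, full differs
        authenticate_profile(pdk, "pin", "4812"),
        authenticate_profile(pdk, "pin", "4899"),                            # first two digits only
        authenticate_profile(pdk, "pin", "9999"),
    ]
```

Two properties of the design are visible in the code rather than only asserted in the text: the Reader stores nothing about the user between transactions (it holds key and digests only for the duration of `authenticate_profile`), and the sample is a pre-filter, so a sample match is never an accept decision; the full comparison over the secure channel always follows. A two-digit PIN sample narrows the PIN space to one hundredth, which is why this block keys the sample digest and compares it in constant time rather than sending the digits themselves.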
[0040] In yet another embodiment, the PDK 102 stores a picture profile that includes one or more pictures of the PDK owner. In a picture profile authentication, the picture stored in the PDK 102 is transmitted to a display at the point of transaction to allow an administrator (e.g., a clerk or security guard) to confirm or reject the identity of the individual requesting the transaction. In another embodiment, an image is captured of the individual at the point of transaction and compared to the picture profile by an automated image analysis means. Furthermore, picture profiles could be used, for example, in place of conventional passports or drivers licenses to authenticate the identity of an individual and allow for remote identification of individuals. For example, a police officer following a vehicle could obtain an image and identity of the driver while still maintaining a safe distance from the vehicle. In the hospitality industry, a host could greet a guest at the door of a hotel, casino or restaurant and easily recognize the guest by obtaining the guest’s picture profile as he/she enters.

[0041] A registry or database profile typically stores information associating the user with a registry. The registry profile can be used to determine if the individual is associated with the controlling entity for that registry and if different types of transactions are authorized for the individual. A registry profile can further include additional user information for use with the registry. For example, a private registry profile associated with a particular merchant may include a credit card number that the user has selected as a default for that merchant. In one embodiment, a profile can further include spending limits that limit the amount of purchases a user can make with a particular vendor or using a particular profile.

[0042] A profile can further include personal identification information such as name, address, phone number, etc., bank information, credit/debit card information, or membership information. This information can be useful for certain types of transactions. For example, with purchases that require delivery, a PDK 102 can automatically transmit address information to the Reader 108 at the point of transaction. In one embodiment, a profile can store multiple addresses. At the point of transaction, the Reader 108 displays the address options and allows the user to select which address to use.

[0043] Generally, some types of profile information (e.g., a biometric profile) can only be acquired during a trusted initialization process that is administered by a trusted Notary. In one embodiment, other secure information such as credit card information is also stored to the PDK in the presence of a Notary. Alternatively, certain types of low-risk information can be added by the user without a Notary, such
as, for example, a change of address. In another embodiment, once an initial profile has been stored to the PDK 102, a user can add information to the PDK 102 using a Programmer without a Notary through self-authentication. For example, in one embodiment, a PDK 102 that has a stored biometric profile can be "unlocked" by providing a matching biometric input. Then, once unlocked, the user can add or remove additional profiles, credit cards, personal information, etc. to the PDK 102 using a Programmer. For example, in one embodiment, a user that has unlocked his/her own PDK 102 can store additional biometric information (such as
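The write policy described in paragraph [0043] (Notary-attested acquisition of biometric and credit-card profiles, low-risk updates by the user without a Notary, and further additions only after the PDK is unlocked by a matching biometric input) can be modelled as a small state machine. The following Python is an added example, not code from the patent; the PDK class, the LOW_RISK set, the method names and the exact-match biometric rule are assumptions made for illustration.

```python
"""Model of the PDK profile-store policy in [0043]: Notary-only initialization versus
self-service writes after a biometric unlock.  Added example; names are assumptions."""
import hmac
from dataclasses import dataclass, field

LOW_RISK = {"address"}  # user-addable without a Notary, even while the PDK is locked


class PolicyError(Exception):
    """A write that the store policy forbids."""


@dataclass
class PDK:
    profiles: dict = field(default_factory=dict)
    unlocked: bool = False

    def store(self, kind: str, value, *, notary_present: bool = False) -> None:
        # Low-risk kinds are always accepted; anything else needs a Notary at
        # initialization or a prior self-authentication (unlock).
        if kind in LOW_RISK or notary_present or self.unlocked:
            self.profiles[kind] = value
            return
        raise PolicyError(f"{kind!r} requires a Notary or an unlocked PDK")

    def unlock(self, biometric_input: bytes) -> bool:
        # Self-authentication against the stored biometric profile.  Exact,
        # constant-time equality stands in for real template matching.
        stored = self.profiles.get("biometric")
        self.unlocked = stored is not None and hmac.compare_digest(stored, biometric_input)
        return self.unlocked


def demo() -> dict:
    """Lifecycle: Notary init, rejected write, failed and successful unlock, permitted write."""
    pdk, results = PDK(), {}
    # Constructed sample templates; real profiles would hold biometric feature data.
    enrolled, impostor = b"template-owner", b"template-other"
    pdk.store("biometric", enrolled, notary_present=True)  # trusted initialization
    pdk.store("address", "1 Main St")                       # low-risk: no Notary needed
    try:
        pdk.store("credit_card", "4111-test")               # locked, no Notary
        results["cc_while_locked"] = "stored"
    except PolicyError:
        results["cc_while_locked"] = "rejected"
    results["impostor_unlock"] = pdk.unlock(impostor)
    results["owner_unlock"] = pdk.unlock(enrolled)
    pdk.store("credit_card", "4111-test")                   # now permitted
    results["profiles"] = sorted(pdk.profiles)
    return results
```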