TW201937392A - System and method for biometric authentication in connection with camera-equipped devices - Google Patents

System and method for biometric authentication in connection with camera-equipped devices Download PDF

Info

Publication number
TW201937392A
TW201937392A TW108118753A TW108118753A TW201937392A TW 201937392 A TW201937392 A TW 201937392A TW 108118753 A TW108118753 A TW 108118753A TW 108118753 A TW108118753 A TW 108118753A TW 201937392 A TW201937392 A TW 201937392A
Authority
TW
Taiwan
Prior art keywords
image
user
flash
flash image
images
Prior art date
Application number
TW108118753A
Other languages
Chinese (zh)
Other versions
TWI727329B (en
Inventor
顏 黎坤
亞當 皮瑞德
王洋
薩加 魏格眉
Original Assignee
美商艾勒門公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 美商艾勒門公司 filed Critical 美商艾勒門公司
Publication of TW201937392A publication Critical patent/TW201937392A/en
Application granted granted Critical
Publication of TWI727329B publication Critical patent/TWI727329B/en

Links

Abstract

Disclosed are systems for providing selective access to resources available in connection with a device comprising software executed on suitable computer hardware, said system comprising: at least one camera associated with said device, said camera being capable of taking at least one photograph of a human palm print; a detector module using local classifiers to locate and segment the region of interest of the palm without physical contact; a conversion processor which converts raw pixel data associated with said region of interest of a human palm print into a unique signature associated with said palm print; and an authentication and identification engine, said authentication and identification engine determining whether access to one or more of said resources should be granted based upon said unique signature and at least one database containing a plurality of user models.

Description

與配備有相機之裝置連接之用於生物特徵量測鑑認之系統及方法System and method for biometric measurement and identification connected with a device equipped with a camera

本發明大體上係關於用於鑑認及識別之生物特徵量測技術之使用,且更特定言之係關於用於經由電腦(諸如行動裝置)鑑認及識別使用者以選擇性地允許或拒絕存取各種資源之基於非接觸之解決方案。在本發明中,透過涉及以下關鍵步驟之一程序使用一個人之手掌之一影像或一組影像執行鑑認或識別:(1)使用本端分類器偵測掌紋區;(2)從關注區域提取特徵;及(3)針對儲存於可透過一學習程序動態地擴充之一資料庫中之使用者模型計算匹配得分。The present invention relates generally to the use of biometric metrology techniques for identification and identification, and more particularly to the identification and identification of users via computers (such as mobile devices) to selectively allow or deny A contactless solution for accessing various resources. In the present invention, the identification or recognition is performed by using one of the following key steps: one (1) using the local classifier to detect the palm print area; (2) extracting from the region of interest. And (3) calculating a matching score for a user model stored in a database dynamically expandable through a learning program.

諸如智慧型手機、平板電腦及筆記型電腦之行動裝置已變得被許多人日常廣泛採用及使用。此等裝置已變得愈來愈強大且隨著開發者創造出愈來愈多應用程式及在應用程式上運行之服務,此等裝置變得更融入於吾等之日常生活中。此等行動裝置不僅自身提供一強大計算平台,而且其等亦提供連接至在通常經由一無線鏈路存取一小區站點且接著回載至網際網路骨幹之遠端平台上可用之一實際上無限組服務、應用程式及資料。除存取此等遠端平台外,行動裝置亦具有透過短程及長程無線連接而連接至其他行動裝置之能力。
或許最重要的係,此等裝置之不斷增加之滲透連同相關聯於此等裝置中之組件部分之持續減少之成本已導致裝置變得具有更大性能的同時對於許多使用者而言仍可負擔。舉例而言,作為組件部分之成本之減少及更強大軟體之開發之一結果,大量智慧型手機現包含可拍攝大約八百萬或更高像素之極其詳細之相片之強大相機。
在行動裝置及其等與如此多功能性連結之廣泛使用且其需要與如此多不同的資源相互作用之背景下出現的一個重要問題係需要控制對此等資源之各者之存取,使得僅應被授權存取可適用資源之該等個人或裝置實際上能夠如此做。在通常情況中,透過文字/數字字串(諸如使用者ID及密碼)之輸入控制資源存取。舉例而言,可要求一智慧型手機使用者在被允許存取裝置上之任何功能性之前輸入一四位碼。另外,裝置上之各本端應用程式或其他資源可要求使用者在獲得存取資源之前輸入一或多個文字/數字字串。在此情況中,正確資料(使用者ID、密碼等等)可被儲存於裝置之記憶體中。替代性地,為存取定位遠離於裝置之資源(應用程式、資料、通信性能等等),可要求使用者及/或裝置發送一組正確文字/數字字串至遠端資源,其繼而在允許存取資源之前確認所發送資料匹配正確資料。
如吾人可想像,對於一典型智慧型手機使用者,舉例而言,用於鑑認及識別之前述技術存在數個缺點。作為其中一者,記住針對如此多不同的應用程式、服務及其他資源之使用者ID及密碼(各具有對於須如何構建該等ID及密碼之其等自身之要求)之需要可為相當令人生畏的且使用者經常遺忘針對其等不頻繁存取之資源之ID及密碼。另一缺點係,使用文字/數字字串控制對資源之存取存在安全問題。舉例而言,存在可用於駭客此等字串以獲得未授權存取至資源之強大軟體程式。
又,一使用者使用其手指在智慧型手機螢幕上輸入密碼及使用者ID之典型基於接觸之方法本身導致安全風險。經驗豐富之駭客經常能夠基於藉由手指留下之油脂殘留物從螢幕「提取」指紋圖案以獲得未授權存取。此在輸入諸如一四位數之一短數字字串以解鎖裝置之背景下尤其如此。一旦裝置被解鎖,甚至無法保全裝置上之許多資源,導致各種安全風險。
定下目標消除或減少上文論述之缺點之一個解決方案涉及使用生物特徵量測技術控制對經由行動裝置可用之資源之存取。雖然此等解決方案已在一些情況中消除上文論述之一些缺點,但其等仍經受數個劣勢。舉例而言,一些基於接觸之解決方案需要使用者將其手指放置於具有擷取使用者之指紋之能力之裝置感測器上,接著,針對本端或遠端定位之指紋資料匹配使用者之指紋,以判定是否存在足以允許使用者或裝置存取一或多個資源之一匹配。在此情況中,如在上文所參考,一指紋可被一駭客從裝置感測器提取且用於在隨後時間利用所挪用指紋獲得未授權存取一或多個資源。此等解決方案通常亦經受一繁忙使用者在一典型日程期間試圖獲得存取裝置上之許多不同資源之背景下無法接受執行處理,以判定指紋是否係一匹配所必要的時間之缺點。
存在相關聯於基於接觸之方法之額外健康問題,涉及細菌、病毒或其他生物危害之傳輸,尤其在使用者之間共用裝置之情況中。如在此項技術中已知,一個人之指尖(且更一般言之一個人之手)經常係在人之間傳遞細菌、病毒或其他生物危害之主要媒介之一者。在被多人共用之個別裝置之情況中,其中一使用者使用其指尖鍵入一識別字串或透過基於接觸之生物特徵量測方法(諸如指紋或掌紋辨識等等)鑑認或識別使用者自身之基於接觸之鑑認及識別方法產生經由共用接觸媒介傳遞該等生物危害之風險。Mobile devices such as smart phones, tablets and notebooks have become widely used and used by many people on a daily basis. These devices have become more powerful and as the developers have created more and more applications and services running on the applications, these devices have become more integrated into our daily lives. These mobile devices not only provide a powerful computing platform by themselves, but they also provide connectivity to one of the available platforms on a remote platform that typically accesses a cell site via a wireless link and then reloads to the backbone of the Internet. Unlimited set of services, applications and materials. In addition to accessing such remote platforms, mobile devices also have the ability to connect to other mobile devices via short-range and long-range wireless connections.
Perhaps most importantly, the ever-increasing penetration of such devices, along with the ever-decreasing cost associated with component parts in such devices, has resulted in devices that have become more capable while still affordable for many users. . For example, as a result of the cost reduction of component parts and the development of more powerful software, a large number of smart phones now include powerful cameras that can take extremely detailed photos of about 8 million or more pixels.
An important issue that arises in the context of mobile devices and their interaction with such versatile connections and their need to interact with so many different resources is the need to control access to each of these resources so that only Such individuals or devices that are authorized to access the applicable resources can actually do so. In the normal case, resource access is controlled by input of alphanumeric strings (such as user IDs and passwords). For example, a smartphone user may be required to enter a four bit code before being allowed access to any functionality on the device. In addition, each local application or other resource on the device may require the user to enter one or more alphanumeric strings before obtaining access resources. In this case, the correct data (user ID, password, etc.) can be stored in the memory of the device. Alternatively, the user and/or device may be required to send a set of correct text/numeric strings to the remote resource for accessing resources (applications, data, communication capabilities, etc.) remote from the device, which in turn Confirm that the sent data matches the correct data before allowing access to the resource.
As can be imagined, for a typical smartphone user, for example, the aforementioned techniques for authentication and identification have several drawbacks. As one of them, remember that the need for user IDs and passwords for so many different applications, services and other resources (each with its own requirements for how to construct such IDs and passwords) can be quite The fear of the user and the user often forget the ID and password of the resource that is infrequently accessed. Another disadvantage is that there is a security issue with using literal/numeric strings to control access to resources. For example, there are powerful software programs available for hacking such strings to gain unauthorized access to resources.
Moreover, the typical contact-based approach of a user entering their password and user ID on their smartphone screen using their finger poses a security risk. Experienced hackers are often able to "extract" fingerprint patterns from the screen based on grease residue left by fingers to gain unauthorized access. This is especially true in the context of inputting a short digit string such as one of four digits to unlock the device. Once the device is unlocked, it is not even possible to preserve many of the resources on the device, resulting in various security risks.
One solution to set a goal to eliminate or reduce the disadvantages discussed above relates to using biometric measurement techniques to control access to resources available via mobile devices. While these solutions have eliminated some of the shortcomings discussed above in some cases, they still suffer from several disadvantages. For example, some contact-based solutions require the user to place their finger on a device sensor that has the ability to capture the user's fingerprint, and then the fingerprint data for the local or remote location matches the user's Fingerprint to determine if there is enough to allow the user or device to access one of the one or more resources to match. In this case, as referenced above, a fingerprint may be extracted by a hacker from the device sensor and used to gain unauthorized access to one or more resources at the subsequent time using the fingerprint. Such solutions are also typically subject to the disadvantage that a busy user is unable to accept processing in the context of attempting to obtain access to many different resources on the device during a typical schedule to determine if the fingerprint is a match.
There are additional health issues associated with contact-based methods involving the transmission of bacteria, viruses or other biological hazards, especially in the case of sharing devices between users. As is known in the art, a person's fingertips (and, more generally, the hands of a person) are often one of the primary vehicles for delivering bacteria, viruses, or other biological hazards between people. In the case of an individual device shared by multiple people, one of the users uses their fingertips to type in a recognition string or to identify or identify the user through contact-based biometric measurement methods (such as fingerprint or palmprint recognition, etc.). Their own contact-based identification and identification methods create the risk of transmitting such biohazards via a shared contact medium.

因此,本發明之一目的係提供支援對使用者及裝置之精確、安全及快速鑑認及識別以提供選擇性存取透過配備有相機之裝置可存取之資源之一基於非接觸之生物特徵量測系統及方法。
在本發明之一項實施例中,被要求將其等自身識別或鑑認為獲得存取一或多個資源之一條件之此等配備有相機之裝置(為方便起見在下文中有時稱為智慧型手機,儘管該等裝置應被理解為包含具有一相機性能之所有裝置,包含行動裝置及固定裝置二者,諸如桌上型電腦)之使用者使用智慧型手機相機拍攝其等手掌或兩個手掌之一個相片或一系列相片。接著,本發明之系統採用電腦視覺技術分析該掌紋影像且確認該掌紋簽章匹配一資料庫中之該使用者之模型(使用者鑑認)或在一資料庫中之許多模型中找到匹配使用者模型(使用者識別)。
從與隨附圖式連結之以下例示性實施例之實施方式將變得明白本發明之進一步特徵及態樣。Accordingly, it is an object of the present invention to provide a non-contact based biometric feature that supports accurate, secure and fast authentication and identification of users and devices to provide selective access through a camera-accessible device. Measurement system and method.
In an embodiment of the invention, such a camera-equipped device is required to identify or identify itself as one of the conditions for accessing one or more resources (sometimes referred to hereinafter as convenient for convenience) A smart phone, although such devices should be understood to include all devices having a camera performance, both mobile and stationary devices, such as desktop computers, use a smart phone camera to shoot their palms or two A photo or series of photos of a palm. Next, the system of the present invention analyzes the palm print image using computer vision technology and confirms that the palm print signature matches the user's model in a database (user authentication) or finds a match in many models in a database. Model (user identification).
Further features and aspects of the present invention will become apparent from the Detailed Description of the <RTIgt;

現將詳細參考本發明之各種例示性實施例。應理解,例示性實施例之以下論述不意欲為對本發明之一限制,如在本文中廣泛揭示。實情係,以下論述經提供以為讀者給出對本發明之特定態樣及特徵之一更詳細理解。
在詳細描述本發明之實施例之前,將理解,在本文中使用之術語僅出於描述特定實施例之目的且不意欲限制。除非另外定義,在本文中使用之所有術語具有相同於由本發明從屬之一般技術者普遍理解之含義。儘管類似於或等效於在本文中描述之方法及材料之任何方法及材料可用於本發明之實踐,但現描述較佳方法及材料。在本文中提及之所有公開案以引用的方式併入本文中以揭示及描述與所引用公開案連結之方法及/或材料。本發明控制其與任何併入公開案衝突之程度。
如在本文中及隨附申請專利範圍中所使用,單數形式「一」及「該」包含複數參考,除非在文中另外明確規定。因此,舉例而言,對「一手掌」之參考包含一個人之一單一手掌或兩個手掌且對「一影像」之參考包含對一或多個影像之參考。此外,可使用等效術語描述之術語之使用包含該等等效術語之使用。因此,舉例而言,術語「相機」之使用應被理解為包含能夠獲得一物件之一影像之任何裝置。作為另一實例且如上文所提及,術語「智慧型手機」包含具有一相機性能之所有裝置。
在本發明之較佳實施例中之本發明之描述將如下。參考圖1,對本發明之系統之關鍵組件之一論述以及其中此等組件之各者與彼此相互作用以導出本發明之優勢之內容現如下。裝置100可為包含能夠拍攝高品質相片之一相機之任何裝置。較佳地,裝置100之相機亦含有能夠被選擇性及快速地啟動及撤銷啟動之一閃光元件以用於照明被拍攝之區。此等裝置100之實例包含智慧型手機、平板電腦、筆記型電腦及可藉由一使用者攜載且提供允許本發明之功能性可被操作之一計算平台之任何其他裝置,以及桌上型電腦或各種固定嵌入裝置。此等固定嵌入裝置之實例可包含固定至提供安全存取實體空間或其他資源之設施入口或其他策略位置之相機設備或出於時間及出席協定之此等目的固定至策略位置之相機設備以及其他應用。儘管未要求,但裝置100亦可含有各種其他特徵,諸如一觀察螢幕(其亦可為一觸控螢幕)、一小鍵盤、一加速度計、GPS性能、儲存容量及一中央處理單元(CPU)。
裝置100包含至少一個相機105,其較佳地能夠產生(例如)兩百萬或更高像素之高品質相片。相機資料處理器110從相機105接收影像資料且如在此項技術中已知般處理該影像資料以建立可以各種方式使用(包含出於與現描述之本發明連結概述之目的)之相片之像素資料表示。來自相機資料處理器110之資料被饋送至關注區域偵測器115,其用於將手掌區定位於更廣泛影像內,且使用一高位準之精確性及一致性刻畫該區,從而透過具有不同光照條件及手掌至相機之定向之各種單獨影像提供具有在手掌上之實質上相同形狀及位置之手掌區之遮罩。
在關注區域偵測器115之一項實施例中,使用基於滑動窗之本端分類器偵測關注區域以藉由分類得分標記手掌及非手掌像素,其後接著將相鄰手掌像素分組為輸入影像中之相連分量之一分割步驟。由於從範例影像之大集合學習顯著數量之區辨本端特徵以擷取手掌外觀之穩定特性以形成強大分類器,故可達成對於影像雜訊之一高位準之精確性及穩健性。因此,練就之偵測器可精確定位及刻畫呈具有各種手定向及光照條件之自由形式之輸入影像上之關注區域。
在關注區域偵測器115之一項實施例中,基於Haar Wavelets及AdaBoost (參考1)之本端分類器用於偵測一使用者之手之手掌區中之關注區域。在關注區域偵測器115之另一實施例中,基於支援向量機(參考2)之本端分類器被用於偵測一使用者之手之手掌區中之關注區域。在關注區域偵測器115之另一實施例中,一迴旋神經網路被用於偵測一使用者之手之手掌區中之關注區域,諸如在美國專利案第5,067,164號及第5,058,179號及(參考3及參考4)中所描述。
接著,關注區域偵測器115饋送影像資料(包含手掌區遮罩)至轉換處理器120,其用於從表示個人之手掌區之特性特徵之影像塊提取可用於區分個人與另一使用者之一簽章125,其中該等影像塊係該手掌區遮罩內之小取樣窗。
在一項實施例中,簽章125係如下計算之一向量。首先,計算在影像中之數個精選區域中之邊緣定向之一直方圖。此可使用用於提取本端影像描述符之電腦視覺之熟知方法之一者執行,諸如換標不變量特徵變換(見參考5)、定向梯度直方圖(見參考6)及在此項技術中已知之其他參考。其次,(例如)使用熟知之K-means叢集演算法相各定向直方圖與已由訓練資料計算之數個原型。最後,形成簽章向量,使得向量之分量k對應於上述提及之第k個原型。分量k含有直方圖較於接近所有其他原型更接近於原型k之區域之數目。此操作序列在文獻中被已知為一「特徵包(Bag of Features)」表示(例如,見參考7)。從當前教示應明白,在本發明之另一實施例中,多個特徵包可用於保存局部區域之間的幾何關係。
接著,簽章125被饋送至鑑認及識別引擎(AID引擎) 130,其用於實施本發明之許多關鍵程序,如在下文所描述。AID引擎130與使用者模型之資料庫135 (若存在)通信以儲存一使用者模型之一本端副本。因此,在本端地滯留於裝置100上且不需要與(例如)遠端伺服器或遠端裝置外部通信之應用程式或服務之情況中,可比較由藉由相機105拍攝之掌紋影像導致之一使用者簽章與儲存於使用者模型之資料庫135中之已知使用者模型,以用於鑑認或識別。使用者模型係由一個人之手掌影像之一集合計算之統計模型,其中從定義該模型之該等影像導出簽章。在一項實施例中,使用者模型由從使用者之參考影像計算之簽章之一所謂高斯(Gaussian)密度模型構成。給出查詢影像S之簽章,使用者模型被用於計算一匹配得分。

其中Mi 及Vi 係給定使用者之所有參考影像之簽章向量之第i個分量之平均值及方差,且u係一小常數。若匹配得分R大於針對此使用者模型之一預選臨限值,則簽章被視為匹配至使用者模型。鑑認及識別引擎130、模型建立引擎155及使用者模型之資料庫135形成一AID單元160。
簽章125亦被饋送至模型建立引擎155以在使用者首次登入期間初始化使用者模型或在已存在模型時選擇性地併入該簽章之資訊以定義儲存於使用者模型之資料庫135中之使用者模型。在本發明之一項實施例中,模型建立引擎155使用從使用者之新影像提取之簽章更新上述提及之平均值及方差Mi 及Vi
裝置100亦較佳地含有一遠端資源介面145,其與AID引擎130通信。遠端資源介面145充當在裝置100上實施之鑑認及識別功能性與發生於外部/遠端資源(諸如遠端伺服器及遠端裝置)上之該等相同功能性之間的介面。因此,舉例而言,遠端資源介面145與駐留於遠端伺服器上之應用程式互動,以按需要藉由遠端應用程式協調鑑認或識別。此可包含藉由用於一使用者操作裝置100之鑑認或識別或用於裝置100自身之鑑認或識別之外部資源管理及回應於請求。
遠端資源介面145可與網路介面150通信以發射及接收與鑑認及識別活動連結之資料。可使用各種無線通信協定,包含射頻以及其他(包含且不限制,藍芽(Bluetooth)及其他近場通信技術)。在本發明之一較佳實施例中,舉例而言,藉由加密及/或其他方法(其減少或消除相關聯於本發明之鑑認及識別方法之使用者資料及其他資料可被未授權當事人攔截之可能性)如在此項技術中已知般保全通過公開無線鏈路從裝置100來回通信之資料。網路介面150通常包括如在此項技術中已知之一射頻收發器模組且允許裝置100經由無線鏈路與無線網路400通信。繼而,無線網路400通常將藉由裝置100發射或接收之資料回載至資料網路500,再次如在此項技術中所已知。
僅藉由實例,本發明允許藉由遠端伺服器及應用程式及駐留於遠端伺服器上之其他資源鑑認或識別裝置100之使用者或裝置100自身。如在圖1中圖解說明,遠端伺服器200可經由上文論述之通信路徑與裝置100通信。以此方式且如藉由駐留於裝置100上之遠端資源介面145所控制,駐留於遠端伺服器200上之AID單元205可從裝置100請求及接收鑑認及識別資料以用於與駐留於遠端伺服器200上或藉由其可存取之已知且經驗證使用者模型相比較,如在下文更全面描述。此鑑認及識別性能提供選擇性存取一或多個應用程式210、資料215及駐留於遠端伺服器200上之其他資源。相同性能亦可提供選擇性存取本端資源140 (包含應用程式、資料及/或駐留於裝置100上之其他資源以及其中此等本端資源尋求存取遠離於裝置100之資料或其他資源之情況)。
在本發明之另一實施例中,如上文論述之通信可發生於裝置100與一或多個遠端裝置300之間。遠端裝置300可為相同於或不同於裝置100之裝置類型且根據本發明之教示之鑑認/識別功能性可雙向發生。換言之,裝置100可回應於來自遠端裝置300之鑑認/識別請求以便經由遠端裝置300上之AID單元305存取(例如)駐留於遠端裝置300上之一或多個應用程式310及/或資料315。但再者,遠端裝置300可接收及回應於藉由裝置100初始化之鑑認及識別請求以便遠端裝置300 (或操作其之一使用者)存取駐留於裝置100上之資源。在一些情況中,裝置100及遠端裝置300將在共用資源之前皆要求另一者之鑑認及/或識別。舉例而言,此可在裝置100與遠端裝置300之使用者之間的一所要安全通信之背景下發生。
現轉至圖2,現描述根據本發明之一較佳實施例之使用者/裝置鑑認及/或識別之方法。藉由最初論述,首先描述在本發明之教示之背景下之鑑認與識別之間的差異。
在鑑認之情況中,使用者展現呈一使用者ID或使用者姓名之形式之一身份且本發明之系統確認該使用者確實係其所聲稱之人。接著,系統比較從使用者之手掌之一影像或若干影像導出之簽章與使用者模型之資料庫中之對應模型。若其等匹配,則該使用者被鑑認。若其等不匹配,則該使用者被拒絕。
在圖4中展示根據在一較佳實施例中之本發明之教示之用於使用者鑑認之流程圖。如一第一步驟,在裝置100處之使用者可輸入其姓名或其他識別資訊至裝置100中,或使用者之身份可已預載入於裝置100中。分別地,使用者使用裝置100之相機105拍攝其手或雙手之手掌之一相片或相片集。接著,相機資料處理器110發送原始像素資料至關注區域偵測器115,其判定影像內之手掌區。來自關注區域偵測器115之經遮蓋手掌區被饋送至轉換處理器120,其導出使用者之獨特簽章。可在一遠端資源上或部分在一遠端資源上且部分在裝置100上替代性地處理此轉換功能。在所成像手掌區與裝置100之間無直接接觸,使用手之高解析度影像,由終端使用者呈現自由形式且處於任何定向且不具有一普通數位相機以外之任何特殊硬體之情況下,本發明之系統使用涉及特徵提取、將特徵處理為使用者簽章及將使用者簽章匹配至所儲存使用者簽章或使用者模型之一多步驟軟體解決方案識別個人,其中:(i)從輸入影像偵測及分割出一單一或多個關注區域以移除無關像素資料及隔離手掌區(ii)從影像提取數個高維稀疏特徵向量(例如,見參考8);(iii)在其中鄰近特徵向量合併為一更緊湊及穩健影像表示之一程序中建立針對各影像之一單一簽章;及(iv)將多個影像簽章組合為針對各個別使用者之一身份模型。
接著,鑑認及識別引擎130在使用者模型之資料庫135中查詢使用者之模型(基於先前呈現之使用者識別資料)。此時,若所導出之使用者簽章匹配所儲存之使用者模型,則該使用者被鑑認且被允許存取所要資源或資源組。或者,若使用者簽章與模型不匹配,則該使用者被拒絕存取所要資源或資源組。可遠離於裝置100替代性地執行關於查詢及匹配之前述功能性。
在識別之情況中,使用者僅呈現一掌紋影像或影像組,且鑑認及識別引擎130比較從掌紋影像或若干影像導出之簽章與使用者模型之資料庫135中之所有模型或模型之一子集。若找到一匹配,則該使用者被識別。若未找到一匹配,則該使用者未知。
在圖5中展示用於使用者識別之流程圖。在此情況中,如在鑑認之情況中,使用者拍攝其手之手掌之一相片或相片集。此資料再次被處理為藉由相機資料處理器110形成之像素且被發送至關注區域偵測器115,以判定影像內之手掌區。來自關注區域偵測器115之經遮蓋手掌區被饋送至轉換處理器120,其導出使用者之獨特簽章且接著AID引擎130比較所導出之簽章與儲存於使用者模型之資料庫135中之所有模型或模型之一子集。可在一遠端資源上或部分在一遠端資源上且部分在裝置100上替代性地處理上文參考之轉換及比較功能。在任何事件中,若找到一匹配,則使用者被識別且可被授予存取一資源或資源組。若未找到匹配,則使用者無法被識別且將不授予存取一所要資源或資源組。
使用何種模式(鑑認或識別)取決於應用。一般言之,鑑認提供較高程度之精確性但由於一使用者需要採取額外步驟輸入其身份之一額外因素,故提供較低使用者體驗等級。第二身份因素可呈現普通形式之任一者,諸如一使用者姓名、使用者ID、密碼、獨特員工ID、社會安全號、電子郵件地址、各種其他生物特徵量測模態等等。在本發明之一項實施例中,第二身份因素係從個人之第二個手之掌紋影像導出之簽章,其中個人之兩個掌紋影像或影像集之各者之個別簽章共同用於鑑認或識別。
重要的係注意,在上文描述之各情況(鑑認或識別)中,並非針對本端地定位於裝置100內之使用者模型之資料庫135內之一模型匹配一使用者簽章,取而代之藉由在裝置100處拍攝之一使用者之手掌之一影像或影像集產生之一簽章可針對定位於遠端伺服器200或一或多個遠端裝置300之一者或二者處之一資料庫中含有之一模型或若干模型而匹配。在此情況中,裝置100之使用者通常將尋求存取駐留於此等遠端平台處之一或多個資源而非本端地定位於裝置100內之一資源。藉由實例,在解鎖(例如)一智慧型手機之情況中,可在智慧型手機/裝置100處本端地完成處理,然而若開始進行鑑認(例如,與一基於遠端之應用程式連結),該處理之一些部分可在一遠端伺服器200完成,其中針對匹配之使用者模型可被儲存於遠端伺服器200而非本端地儲存於智慧型手機上。另外,從本教示應明白,可在AID單元160、205、305之任一者之間同步使用者模型、簽章及/或其他生物特徵量測資料以允許在裝置100、遠端伺服器200、遠端裝置300之任一者進行本端鑑認或識別而不需要該裝置100、遠端伺服器200或遠端裝置300已本端地產生該使用者模型、簽章及/或其他生物特徵量測資料。
現返回至圖2,可見,在本發明之一較佳實施例中,在步驟(1),裝置100用於拍攝待使用相機105 (步驟(3))識別(步驟(2))之使用者之手掌之一相片或一系列相片。一閃光組件(步驟(4))可被嵌入裝置100中以提供影像之必要預處理,尤其當閃光組件係關於為個人之手掌影像之關注區域偵測、特徵提取及簽章處理提供最小充足光。接著,影像之手掌區藉由關注區域偵測器115 (步驟(5))遮蓋且饋送至轉換處理器120 (步驟(6))以將原始像素轉換為一獨特識別之使用者簽章,簽章125。使用者簽章係含有相關聯於使用者之掌紋影像之相關識別資訊之一緊密碼且可被快速及精確地匹配至使用者模型之一大資料庫,諸如使用者模型之資料庫135或在一遠端平台之一資料庫(步驟(7))。所導出之使用者簽章之一個益處係其本質上無法重建來自使用者模型之一資料庫之一使用者手掌影像。在步驟(8)中,AID引擎130比較來自手掌影像或影像集之使用者簽章與使用者模型之資料庫中之使用者簽章以識別或鑑認使用者為可適用。可在一遠端資源上或部分在一遠端資源上且部分在裝置100上替代性地處理上文參考之轉換及比較功能。
現轉至圖3,可見,在其中相對於一遠端資源完成鑑認或識別之情況中,裝置100與該遠端資源之間的通信較佳地發生於一安全連接上,如在此項技術中所已知。此可涉及在此項技術中已知之一或多個技術以包含(例如)強加密、公開或私密金鑰加密、數位證書及/或數位簽章等等。
既然已描述本發明之系統及主要方法,故將論述額外新穎特徵,諸如用於防止與鑑認/識別連結之欺騙之各種方法以及用於編碼及與遠端資源交換交易資訊之一新穎方法。
欺騙保護係本發明之一重要態樣。舉例而言,其防止入侵者使用一手掌之一印刷相片替代一真手用於鑑認。關於欺騙保護之本發明之一新穎態樣涉及偵測及使用一人手之三維特性以便提供安全以防欺騙。
在欺騙偵測之一實例中,為區分一相片與一真手,本發明之系統以一快速序列拍攝一系列相片,其中間歇地且在變化時間長度使用相機閃光燈。使用閃光燈拍攝之一3D物件(一真手)之相片將具有特定高亮區域及藉由閃光燈產生之陰影,然而在手之位置上,其中手之一2D表示(舉例而言,在另一行動裝置之顯示螢幕上展示之一手掌或一手掌影像之一印刷相片)將不展示此等高亮區域及陰影。此允許本發明之系統利用在閃光相片與非閃光相片之間產生之手上之高亮區域及陰影之一比較以區分一印刷相片及一真手。以此方式,偶然獲得一授權使用者之手掌之一相片之一未授權當事人無法使用該相片獲得未授權存取本端或遠端資源。
用於偵測一真手之進一步方法包含手之3D建模。在此情況中,本發明之系統可在拍攝一系列多個相片時提示使用者轉動其手。一真實3D物件將隨著各連續影像展現手之不同部分,然而一2D物件將始終展示手之完全相同部分,僅具有變化失真度。此使本發明之系統區分一印刷相片與一真手。類似地,取代旋轉該手,在拍攝一系列相片時可提示使用者將手握拳或從一拳張開。區分一真手與一手之相片之其他方法亦係可能的。
本發明之另一新穎態樣係其中可偵測及防止重播攻擊之一方法。在此情況中,一入侵者修改一行動裝置,使得其將來自一合法使用者之真手之一個或一系列先前記錄之相片發送至網路以用於鑑認或識別而非發送藉由相機拍攝之影像。此處假定入侵者可在不被一授權使用者意識到或授權使用者無法防止此情況之情況下拍攝授權使用者之手之相片。若此實際上係一風險(例如,其中一授權使用者正在睡覺或無意識之一情況),則較佳地以要求一或多個額外身份因素(諸如一使用者ID或獨立於掌紋影像之其他形式之資料)鑑認一使用者之此一方式使用系統。
為偵測及防禦一重播攻擊,本發明之系統發出一系列相片且在各種間隔閃光,即,其記錄一系列相片,其中一些關閉閃光燈且其他開啟閃光燈。可隨機或根據一預定序列選擇特定相片及開啟/關閉閃光燈序列且其等可針對各鑑認或識別請求而改變。本發明之系統可容易地偵測一入侵者是否使用先前記錄之一系列相片,此係因為相片及閃光燈之開啟/關閉模式將不匹配實際上發送至行動裝置之模式。
偵測一重播攻擊之另一方法涉及儲存所有先前使用之影像且比較新影像與該資料庫。由於以兩個不同掌紋之影像為基礎之像素資料可本質上從不在特定容許度上完全相同或實質上相同,故系統可偵測何時一先前拍攝之影像再次被使用。偵測一重播攻擊之其他方法亦係可能的。
本發明之又另一新穎態樣係在一系列相片及/或閃光模式之定時內嵌入交易資訊或其他資料之能力。此定時模式可進一步用於編碼關於交易本身之資訊。接著,一密碼雜湊可應用至此資訊。雜湊碼使所得代碼緊湊(短)且亦防止觀察閃光模式之任何人導出關於代碼之原始內容之任何資訊。在本發明之一項實施例中,影像及/或閃光模式之序列之定時被用作一防欺騙機制之部分,以判定提供用於鑑認或識別之影像序列是否匹配來自交易本身之資訊。一特定實施方案可包含:
1. 具有閃光模式之手掌區之一低解析度視訊。
2. 手掌區之一或若干高解析度靜止影像。
3. 電腦視覺技術以確保高解析度影像係來自相同於視訊中之物件之一物件。
基於本發明之系統及方法之上述描述,可理解,各種應用係可能的。實例包含(不限於)存取一或多個裝置、存取駐留於該等裝置上或遠端地定位於一伺服器上或其他遠端裝置上之一或多個應用程式、各種交易應用程式(諸如選舉投票、國家福利之分配、財政支付)及任何其他類型之交易所需使用者身份驗證。
雖然已展示及描述本發明之特定實施例,但熟習此項技術者將明白,基於本文中之教示,可在不脫離本發明及其更廣泛態樣之情況下做出改變及修改。
參考
[1] Paul Viola及Michael Jones,Rapid Object Detection using a Boosted Cascade of Simple Features,Proceedings of IEEE Computer Vision and Pattern Recognition,2001,第I:511-518頁。
[2] Corinna Cortes及Vladimir N. Vapnik,Support-Vector Networks,Machine Learning,20,1995。
[3] Yann LeCun、Léon Bottou、Yoshua Bengio、Patrick Haffner:Gradient-Based Learning Applied to Document Recognition,Proceedings of the IEEE,86(11):2278-2324,1998年11月。
[4] Pierre Sermanet、Koray Kavukcuoglu、Soumith Chintala及Yann LeCun:Pedestrian Detection with Unsupervised Multi-Stage Feature Learning,Proc.International Conference on Computer Vision and Pattern Recognition (CVPR'13),IEEE,2013年6月。
[5] David G. Lowe,Distinctive Image Features From Scale-Invariant Keypoints,International Journal of Computer Vision, 60, 2 (2004),第91-110頁。
[6] N. Dalal及B. Triggs,Histograms of Oriented Gradients for Human Detection.In Proceedings of Computer Vision and Pattern Recognition,2005。
[7] Y-Lan Boureau、Jean Ponce及Yann LeCun:A Theoretical Analysis of Feature Pooling in Vision Algorithms,Proc.International Conference on Machine learning (ICML'10),2010。
[8] Yann LeCun、Koray Kavukvuoglu及Clément Farabet:Convolutional Networks and Applications in Vision,Proc.International Symposium on Circuits and Systems (ISCAS'10),IEEE,2010。Reference will now be made in detail to the exemplary embodiments embodiments It is to be understood that the following discussion of the exemplary embodiments is not intended to be a limitation of the invention. The following discussion is provided to provide the reader with a more detailed understanding of the specific aspects and features of the invention.
Before the embodiments of the present invention are described in detail, it is to be understood that Unless otherwise defined, all terms used herein have the same meaning as commonly understood by one of ordinary skill in the art. Although any methods and materials similar or equivalent to those described herein can be used in the practice of the present invention, the preferred methods and materials are now described. All publications mentioned herein are hereby incorporated by reference to the extent of the disclosure of the disclosure of the disclosure of the disclosure. The present invention controls its extent of conflict with any incorporated disclosure.
The singular forms "a", "the" and "the" Thus, for example, reference to "a palm" includes a single palm or two palms of a person and references to "one image" include references to one or more images. In addition, use of terms that may be described using equivalent terms includes the use of such equivalent terms. Thus, for example, the use of the term "camera" shall be taken to include any device that is capable of obtaining an image of an object. As another example and as mentioned above, the term "smartphone" encompasses all devices that have a camera performance.
The description of the invention in the preferred embodiment of the invention will be as follows. Referring to Figure 1, a discussion of one of the key components of the system of the present invention and the interaction of each of these components with each other to derive the advantages of the present invention are as follows. Device 100 can be any device that includes a camera capable of taking a high quality photo. Preferably, the camera of device 100 also includes a flash element that can be selectively and quickly activated and deactivated for illumination of the captured area. Examples of such devices 100 include smart phones, tablets, notebooks, and any other device that can be carried by a user and that provides a computing platform that allows the functionality of the present invention to be operated, as well as a desktop Computer or various fixed embedded devices. Examples of such fixed embedded devices may include camera devices that are fixed to a facility portal or other strategic location that provides secure access to physical space or other resources, or camera devices that are fixed to strategic locations for purposes such as time and attendance agreements, and others application. Although not required, the device 100 may also include various other features such as an observation screen (which may also be a touch screen), a keypad, an accelerometer, GPS performance, storage capacity, and a central processing unit (CPU). .
The device 100 includes at least one camera 105 that is preferably capable of producing high quality photos of, for example, two million or more pixels. Camera data processor 110 receives image material from camera 105 and processes the image material as is known in the art to create pixels of photographs that can be used in a variety of ways, including for purposes of linking the present invention to the presently described invention. Information indicated. The data from camera data processor 110 is fed to region of interest detector 115, which is used to position the palm region within a wider image and to characterize the region using a high level of accuracy and consistency. The various individual images of the lighting conditions and the orientation of the palm to the camera provide a mask with a palm area of substantially the same shape and position on the palm of the hand.
In one embodiment of the region of interest detector 115, the local region classifier based on the sliding window is used to detect the region of interest to mark the palm and non-palm pixels by the classification score, followed by grouping the adjacent palm pixels into inputs. One of the steps of dividing the connected components in the image. Since a significant number of regions are learned from a large collection of sample images to capture the stable characteristics of the palm appearance to form a powerful classifier, accuracy and robustness to one of the high levels of image noise can be achieved. Thus, the Detector can accurately position and characterize areas of interest on input images in free form with various hand orientations and lighting conditions.
In one embodiment of the region of interest detector 115, the local classifier based on Haar Wavelets and AdaBoost (Reference 1) is used to detect the region of interest in the palm region of a user's hand. In another embodiment of the region of interest detector 115, the local classifier based on the support vector machine (reference 2) is used to detect the region of interest in the palm region of a user's hand. In another embodiment of the region of interest detector 115, a gyroscopic neural network is used to detect regions of interest in the palm region of a user's hand, such as in U.S. Patent Nos. 5,067,164 and 5,058,179. (Refer to Reference 3 and Reference 4).
Next, the region of interest detector 115 feeds image data (including the palm region mask) to the conversion processor 120 for extracting from the image block representing the characteristic features of the palm region of the individual for distinguishing between the individual and another user. A signature 125, wherein the image blocks are small sampling windows within the mask of the palm area.
In one embodiment, the signature 125 calculates one of the vectors as follows. First, a histogram of the edge orientations in several selected regions in the image is calculated. This can be performed using one of the well-known methods of computer vision for extracting the local image descriptor, such as a variable invariant feature transform (see reference 5), a directional gradient histogram (see reference 6), and in the art. Other references are known. Second, for example, using the well-known K-means cluster algorithm, each orientation histogram and several prototypes that have been calculated from the training data. Finally, a signature vector is formed such that the component k of the vector corresponds to the kth prototype mentioned above. Component k contains the number of histograms closer to the prototype k than to all other prototypes. This sequence of operations is known in the literature as a "Bag of Features" representation (see, for example, Reference 7). It should be understood from the present teachings that in another embodiment of the invention, a plurality of feature packages can be used to preserve geometric relationships between local regions.
The signature 125 is then fed to an authentication and recognition engine (AID engine) 130 for implementing many of the key procedures of the present invention, as described below. The AID engine 130 communicates with the user model repository 135 (if present) to store a local copy of a user model. Thus, in the case where the local end resides on the device 100 and does not require an application or service to communicate externally, for example, to a remote server or remote device, the palmprint image captured by the camera 105 can be compared. A user signature and a known user model stored in the database of the user model 135 for identification or identification. A user model is a statistical model calculated from a collection of one's palm images, from which the signatures are derived from the images defining the model. In one embodiment, the user model consists of a so-called Gaussian density model, one of the signatures calculated from the reference image of the user. Given the signature of the query image S, the user model is used to calculate a match score.

Where M i and V i are the average and variance of the i-th component of the signature vector of all reference images of the given user, and u is a small constant. If the match score R is greater than one of the pre-selected thresholds for this user model, the signature is considered to match the user model. The identification and recognition engine 130, the model building engine 155, and the user model database 135 form an AID unit 160.
The signature 125 is also fed to the model building engine 155 to initialize the user model during the first login of the user or to selectively incorporate the information of the signature when the model is already present to define the database 135 stored in the user model. User model. In one embodiment of the invention, the model building engine 155 updates the above mentioned averages and variances M i and V i using signatures extracted from the user's new image.
Device 100 also preferably includes a remote resource interface 145 that is in communication with AID engine 130. The remote resource interface 145 acts as an interface between the authentication and identification functionality implemented on the device 100 and the same functionality occurring on external/remote resources, such as remote servers and remote devices. Thus, for example, the remote resource interface 145 interacts with an application residing on the remote server to coordinate authentication or identification as needed by the remote application. This may include managing and responding to requests by external resource management or identification for a user operating device 100 or for authentication or identification of device 100 itself.
The remote resource interface 145 can communicate with the network interface 150 to transmit and receive data linked to the authentication and identification activities. Various wireless communication protocols can be used, including radio frequency and others (including and without limitation, Bluetooth and other near field communication technologies). In a preferred embodiment of the invention, by way of encryption and/or other methods (which reduce or eliminate user data and other information associated with the authentication and identification methods of the present invention, may be unauthorized The possibility of party interception) preserves the information communicated back and forth from device 100 over a public wireless link as is known in the art. Network interface 150 typically includes one of the radio frequency transceiver modules as is known in the art and allows device 100 to communicate with wireless network 400 via a wireless link. In turn, wireless network 400 typically retransmits data transmitted or received by device 100 to data network 500, again as is known in the art.
By way of example only, the present invention allows the user or device 100 itself to authenticate or identify the device 100 by remote servers and applications and other resources residing on the remote server. As illustrated in FIG. 1, remote server 200 can communicate with device 100 via the communication paths discussed above. In this manner and as controlled by the remote resource interface 145 residing on the device 100, the AID unit 205 residing on the remote server 200 can request and receive authentication and identification data from the device 100 for use with the resident A comparison is made on the remote server 200 or by a known and validated user model accessible by it, as described more fully below. This authentication and identification performance provides selective access to one or more applications 210, data 215, and other resources residing on the remote server 200. The same performance may also provide selective access to the local resources 140 (including applications, materials, and/or other resources residing on the device 100 and wherein the local resources seek to access data or other resources away from the device 100) Happening).
In another embodiment of the invention, communication as discussed above may occur between device 100 and one or more remote devices 300. The remote device 300 can be the same or different device type than the device 100 and the authentication/recognition functionality can occur bidirectionally in accordance with the teachings of the present invention. In other words, the device 100 can respond to the authentication/identification request from the remote device 300 to access, for example, one or more applications 310 resident on the remote device 300 via the AID unit 305 on the remote device 300. / or information 315. Moreover, remote device 300 can receive and respond to authentication and identification requests initiated by device 100 for remote device 300 (or one of its users) to access resources residing on device 100. In some cases, device 100 and remote device 300 will require the identification and/or identification of the other before sharing the resource. For example, this can occur in the context of a secure communication between device 100 and a user of remote device 300.
Turning now to Figure 2, a method of user/device identification and/or identification in accordance with a preferred embodiment of the present invention will now be described. By way of initial discussion, the differences between authentication and identification in the context of the teachings of the present invention are first described.
In the case of authentication, the user presents one of the forms in the form of a user ID or user name and the system of the present invention confirms that the user is indeed the person he claims to be. Next, the system compares the corresponding models in the database of the signature and user models derived from one of the images or images of the user's palm. If they match, the user is authenticated. If the matches do not match, the user is rejected.
A flow chart for user authentication in accordance with the teachings of the present invention in a preferred embodiment is shown in FIG. As a first step, the user at device 100 can enter his or her name or other identifying information into device 100, or the identity of the user can be preloaded into device 100. Separately, the user uses the camera 105 of the device 100 to take a photo or collection of photos of the palm of his or her hands. Next, the camera data processor 110 sends the raw pixel data to the region of interest detector 115, which determines the palm region within the image. The masked palm area from the region of interest detector 115 is fed to a conversion processor 120 that derives the user's unique signature. This conversion function can be handled alternatively on a remote resource or partially on a remote resource and partially on the device 100. There is no direct contact between the imaged palm area and the device 100, using a high resolution image of the hand, in the case where the end user presents a free form and is in any orientation and does not have any special hardware other than a normal digital camera, The system of the present invention identifies individuals using a multi-step software solution involving feature extraction, processing features as user signatures, and matching user signatures to stored user signatures or user models, where: (i) Detecting and segmenting a single or multiple regions of interest from the input image to remove extraneous pixel data and isolating the palm region (ii) extracting several high dimensional sparse feature vectors from the image (see, for example, reference 8); (iii) The proximity feature vector is merged into a single compact signature for one of the more compact and robust image representations; and (iv) the plurality of image signatures are combined into one identity model for each individual user.
Next, the authentication and recognition engine 130 queries the user's model (based on previously presented user identification data) in the user model database 135. At this time, if the derived user signature matches the stored user model, the user is authenticated and allowed to access the desired resource or resource group. Or, if the user signature does not match the model, the user is denied access to the desired resource or resource group. The aforementioned functionality with respect to queries and matches can be performed alternately away from device 100.
In the case of recognition, the user presents only one palm print image or image set, and the recognition and recognition engine 130 compares all models or models in the signature and user model database 135 derived from the palm print image or images. A subset. If a match is found, the user is identified. If a match is not found, the user is unknown.
A flow chart for user identification is shown in FIG. In this case, as in the case of authentication, the user takes a photo or collection of photos of the palm of his hand. This data is again processed as pixels formed by the camera data processor 110 and sent to the region of interest detector 115 to determine the palm region within the image. The masked palm area from the region of interest detector 115 is fed to a conversion processor 120 that derives the user's unique signature and then the AID engine 130 compares the derived signature with the database stored in the user model 135. A subset of all models or models. The conversion and comparison functions referenced above may alternatively be processed on a remote resource or partially on a remote resource and partially on the device 100. In any event, if a match is found, the user is identified and can be granted access to a resource or group of resources. If no match is found, the user cannot be identified and will not be granted access to a desired resource or resource group.
Which mode to use (identification or identification) depends on the application. In general, authentication provides a higher degree of accuracy but provides a lower level of user experience due to an additional factor that requires a user to take additional steps to enter their identity. The second identity factor can take any of the general forms, such as a user name, user ID, password, unique employee ID, social security number, email address, various other biometric measurement modalities, and the like. In an embodiment of the invention, the second identity factor is a signature derived from a palm print image of the second hand of the individual, wherein the individual signatures of each of the two palm print images or image sets of the individual are used together Identification or identification.
It is important to note that in each of the situations (identification or identification) described above, not one of the models in the database 135 of the user model that is locally located in the device 100 matches a user signature and is replaced by Generating a signature by capturing an image or collection of images of one of the user's palms at device 100 may be directed to one or both of remote server 200 or one or more remote devices 300. A database contains one or several models to match. In this case, the user of device 100 will typically seek to access one or more resources residing at such remote platforms rather than local to locate one of the resources within device 100. By way of example, in the case of unlocking, for example, a smart phone, the process can be done locally at the smart phone/device 100, but if authentication is initiated (eg, with a remote-based application) Some portions of the process may be performed at a remote server 200, wherein the matching user model may be stored on the remote server 200 rather than locally stored on the smart phone. Additionally, it should be understood from this teaching that user models, signatures, and/or other biometric measurement data can be synchronized between any of AID units 160, 205, 305 to allow for device 100, remote server 200. The remote device 300 performs local authentication or identification without requiring the device 100, the remote server 200, or the remote device 300 to locally generate the user model, signature, and/or other creatures. Feature measurement data.
Returning now to Figure 2, it can be seen that in a preferred embodiment of the present invention, in step (1), the apparatus 100 is adapted to capture a user to be identified (step (2)) by the camera 105 (step (3)). A photo or a series of photos of the palm of your hand. A flash assembly (step (4)) can be embedded in the device 100 to provide the necessary pre-processing of the image, particularly when the flash assembly provides minimal light for focus area detection, feature extraction and signature processing for individual palm images. . Then, the palm area of the image is covered by the region of interest detector 115 (step (5)) and fed to the conversion processor 120 (step (6)) to convert the original pixel into a uniquely identified user signature. Chapter 125. The user signature is a database that contains one of the relevant identification information associated with the palm print image of the user and can be quickly and accurately matched to a large database of user models, such as a database of user models 135 or A database of one of the remote platforms (step (7)). One benefit of the derived user signature is that it is essentially impossible to reconstruct a user's palm image from one of the user models' databases. In step (8), the AID engine 130 compares the user signatures in the database of user signatures and user models from the palm image or image collection to identify or identify the user as applicable. The conversion and comparison functions referenced above may alternatively be processed on a remote resource or partially on a remote resource and partially on the device 100.
Turning now to FIG. 3, it can be seen that in the case where the authentication or identification is completed with respect to a remote resource, the communication between the device 100 and the remote resource preferably occurs on a secure connection, such as in this item. Known in the technology. This may involve one or more techniques known in the art to include, for example, strong encryption, public or private key encryption, digital certificates and/or digital signatures, and the like.
Now that the system and primary methods of the present invention have been described, additional novel features, such as various methods for preventing spoofing from authentication/identification links, and novel methods for encoding and exchanging transaction information with remote resources, will be discussed.
Deception protection is an important aspect of the present invention. For example, it prevents an intruder from using one of the palms to print a photo instead of a real hand for authentication. One novel aspect of the present invention relating to fraud protection involves detecting and using the three-dimensional characteristics of a person's hand in order to provide security against fraud.
In one example of fraud detection, to distinguish between a photo and a real hand, the system of the present invention takes a series of photos in a quick sequence in which the camera flash is used intermittently and for varying lengths of time. Photographing a 3D object (a real hand) with a flash will have a specific highlight area and a shadow produced by the flash, however in the position of the hand, where one of the hands is 2D (for example, in another action) These highlighted areas and shadows will not be displayed if one of the palms or one of the palm images is displayed on the display of the device. This allows the system of the present invention to utilize a comparison of highlights and shadows on the hand created between the flash photo and the non-flash photo to distinguish between a printed photo and a real hand. In this way, one of the photos of one of the palms of an authorized user is accidentally obtained. The unauthorized party cannot use the photo to gain unauthorized access to the local or remote resources.
A further method for detecting a real hand involves 3D modeling of the hand. In this case, the system of the present invention can prompt the user to turn their hand when taking a series of multiple photos. A real 3D object will show different parts of the hand as each successive image, whereas a 2D object will always show the exact same part of the hand, with only varying distortion. This allows the system of the present invention to distinguish between a printed photo and a real hand. Similarly, instead of rotating the hand, the user can be prompted to punch or punch from a fist when taking a series of photos. Other methods of distinguishing between a real hand and a one-handed photo are also possible.
Another novel aspect of the present invention is one of the methods in which replay attacks can be detected and prevented. In this case, an intruder modifies a mobile device such that it sends a photo or a series of previously recorded photos from a legitimate user to the network for authentication or identification rather than by camera. The image taken. It is assumed here that an intruder can take a photo of an authorized user's hand without being recognized by an authorized user or authorizing the user to prevent the situation. If this is in fact a risk (eg, one of the authorized users is sleeping or unconscious), then preferably one or more additional identity factors are required (such as a user ID or other independent of the palm print image). Formal information) This method of identifying a user uses the system.
To detect and defend against a replay attack, the system of the present invention emits a series of photos and flashes at various intervals, i.e., it records a series of photos, some of which turn off the flash and others turn on the flash. The particular photo can be selected at random or according to a predetermined sequence and the flash sequence can be turned on/off and the like can be changed for each authentication or identification request. The system of the present invention can easily detect whether an intruder uses a previously recorded series of photos because the photo and flash on/off mode will not match the mode actually sent to the mobile device.
Another method of detecting a replay attack involves storing all previously used images and comparing the new images to the database. Since the pixel data based on the images of the two different palm prints can be essentially identical or substantially identical in a particular tolerance, the system can detect when a previously captured image is used again. Other methods of detecting a replay attack are also possible.
Yet another novel aspect of the present invention is the ability to embed transactional information or other data at the timing of a series of photos and/or flash modes. This timing mode can be further used to encode information about the transaction itself. Then, a password hash can be applied to this information. The hash code makes the resulting code compact (short) and also prevents anyone viewing the flash mode from deriving any information about the original content of the code. In one embodiment of the invention, the timing of the sequence of image and/or flash modes is used as part of an anti-spoofing mechanism to determine whether the image sequence provided for authentication or recognition matches information from the transaction itself. A particular implementation can include:
1. Low-resolution video in one of the palm areas with flash mode.
2. One of the palm areas or several high resolution still images.
3. Computer vision technology to ensure that high-resolution images are from objects that are identical to objects in video.
Based on the above description of the systems and methods of the present invention, it will be appreciated that a variety of applications are possible. Examples include, without limitation, accessing one or more devices, accessing one or more applications, various transaction applications residing on or remotely located on a server or other remote device User authentication required (such as election voting, allocation of state benefits, financial payments) and any other type of transaction.
While the invention has been shown and described with reference to the embodiments of the invention
reference
[1] Paul Viola and Michael Jones, Rapid Object Detection using a Boosted Cascade of Simple Features, Proceedings of IEEE Computer Vision and Pattern Recognition, 2001, pp. I: 511-518.
[2] Corinna Cortes and Vladimir N. Vapnik, Support-Vector Networks, Machine Learning, 20, 1995.
[3] Yann LeCun, Léon Bottou, Yoshua Bengio, Patrick Haffner: Gradient-Based Learning Applied to Document Recognition, Proceedings of the IEEE, 86(11): 2278-2324, November 1998.
[4] Pierre Sermanet, Koray Kavukcuoglu, Soumith Chintala, and Yann LeCun: Pedestrian Detection with Unsupervised Multi-Stage Feature Learning, Proc. International Conference on Computer Vision and Pattern Recognition (CVPR '13), IEEE, June 2013.
[5] David G. Lowe, Distinctive Image Features From Scale-Invariant Keypoints, International Journal of Computer Vision, 60, 2 (2004), pp. 91-110.
[6] N. Dalal and B. Triggs, Histograms of Oriented Gradients for Human Detection. In Proceedings of Computer Vision and Pattern Recognition, 2005.
[7] Y-Lan Boureau, Jean Ponce, and Yann LeCun: A Theoretical Analysis of Feature Pooling in Vision Algorithms, Proc. International Conference on Machine Learning (ICML '10), 2010.
[8] Yann LeCun, Koray Kavukvuoglu, and Clément Farabet: Convolutional Networks and Applications in Vision, Proc. International Symposium on Circuits and Systems (ISCAS '10), IEEE, 2010.

100‧‧‧裝置100‧‧‧ device

105‧‧‧相機 105‧‧‧ camera

110‧‧‧相機資料處理器 110‧‧‧ camera data processor

115‧‧‧關注區域偵測器 115‧‧‧Following Area Detector

120‧‧‧轉換處理器 120‧‧‧Transition processor

125‧‧‧簽章 125‧‧‧Signature

130‧‧‧鑑認及識別(AID)引擎 130‧‧‧Acknowledgment and Identification (AID) Engine

135‧‧‧資料庫 135‧‧‧Database

140‧‧‧本端資源 140‧‧‧Local resources

145‧‧‧遠端資源介面 145‧‧‧ Remote resource interface

150‧‧‧網路介面 150‧‧‧Internet interface

155‧‧‧模型建立引擎 155‧‧‧Model Building Engine

160‧‧‧AID單元 160‧‧‧AID unit

200‧‧‧遠端伺服器 200‧‧‧Remote Server

205‧‧‧AID單元 205‧‧‧AID unit

210‧‧‧應用程式 210‧‧‧Application

215‧‧‧資料 215‧‧‧Information

300‧‧‧遠端裝置 300‧‧‧ Remote device

305‧‧‧AID單元 305‧‧‧AID unit

310‧‧‧應用程式 310‧‧‧Application

315‧‧‧資料 315‧‧‧Information

400‧‧‧無線網路 400‧‧‧Wireless network

500‧‧‧資料網路 500‧‧‧Information Network

圖1係描繪在本發明之一較佳實施例中之本發明之系統之主要組件之圖式;1 is a diagram depicting the major components of the system of the present invention in a preferred embodiment of the present invention;

圖2係在圖解說明在本發明之一較佳實施例中之本發明之方法時有用之一方塊圖; Figure 2 is a block diagram useful in illustrating the method of the present invention in a preferred embodiment of the present invention;

圖3係圖解說明根據本發明之一較佳實施例之一行動裝置與一或多個遠端伺服器之間的安全連接之一圖式; 3 is a diagram illustrating a secure connection between a mobile device and one or more remote servers in accordance with a preferred embodiment of the present invention;

圖4係圖解說明根據在本發明之一較佳實施例中之本發明之鑑認一使用者或裝置之關鍵步驟之一流程圖;及 4 is a flow chart illustrating one of the key steps in identifying a user or device in accordance with the present invention in a preferred embodiment of the present invention;

圖5係圖解說明根據在本發明之一較佳實施例中之本發明之識別一使用者或裝置之關鍵步驟之一流程圖。 Figure 5 is a flow chart illustrating one of the key steps in identifying a user or device in accordance with the present invention in a preferred embodiment of the present invention.

Claims (21)

一種用於基於一深度學習方法提供選擇性存取與一智慧型手機連接可用之資源之防欺騙(anti-spoofing)系統,該系統包括: (a)該智慧型手機包括一數位處理器、一記憶體模組、一作業系統及包括可由該數位處理器執行之指令之一非暫態儲存媒體; (b)至少一相機,其與該智慧型手機相關聯並經組態以擷取一第一使用者之一解剖特徵之包括一閃光影像及一非閃光影像之複數個影像,其中在該解剖特徵並未實體接觸該智慧型手機下擷取該複數個影像;及 (c)至少一閃光組件,其與該智慧型手機相關聯並經組態以在該閃光影像之擷取期間發出一閃光並在該非閃光影像之擷取期間不發出一閃光; 其中該數位處理器執行下列: (1)使用基於滑動窗之本端分類器(sliding-window-based local classifiers)及由自一範例影像集合學習之區辨本端特徵(discriminative local features)所形成之分類器分析該解剖特徵之該閃光影像及該非閃光影像以藉由分類得分(classification scores)來標記解剖特徵及非解剖特徵像素; (2)使用一經訓練偵測器在該閃光影像及該非閃光影像中定位及分割該解剖特徵之一關注區域; (3)使用該關注區域中之小取樣窗以識別含有(encompassing)該解剖特徵之特性生物特徵之影像塊(image patches); (4)自該等影像塊之像素級別資料提取一簽章,其中該簽章係該第一使用者獨有且係用於區分該第一使用者與一第二使用者,且其中提取該簽章包括在複數個影像塊中創建邊緣定向之一直方圖(a histogram of edge orientations); (5)基於該解剖特徵之一三維特性及複數個經儲存使用者模型判定一欺騙嘗試,其中該三維特性係基於該閃光影像及該非閃光影像間之一比較,其中該閃光影像及該非閃光影像間之該比較包括在該閃光影像及該非閃光影像之至少一者中判定一高亮區域及一陰影區域,以判定該閃光影像及該非閃光影像之至少一者表示一3D物件或該解剖特徵之一2D表示; (6)基於該欺騙嘗試之該判定來拒絕該第一使用者存取該等資源之一或多者;及 (7)將該解剖特徵之該複數個影像之該至少一者及該三維特性儲存於該範例影像集合中。An anti-spoofing system for providing selective access to resources available for connection to a smart phone based on a deep learning method, the system comprising: (a) the smart phone includes a digital processor, a memory module, an operating system, and a non-transitory storage medium including instructions executable by the digital processor; (b) at least one camera associated with the smart phone and configured to capture a plurality of images comprising a flash image and a non-flash image of an anatomical feature of the first user, wherein the anatomy The feature does not physically contact the smart phone to capture the plurality of images; and (c) at least one flash component associated with the smart phone and configured to emit a flash during capture of the flash image and not to emit a flash during capture of the non-flash image; Where the digital processor performs the following: (1) analyzing the anatomical features using a sliding-window-based local classifiers and a classifier formed by discriminative local features learned from a sample image set. The flash image and the non-flash image are labeled with anatomical features and non-anatomical features by classification scores; (2) locating and segmenting a region of interest of the anatomical feature in the flash image and the non-flash image using a trained detector; (3) using a small sampling window in the region of interest to identify image patches that enclose the characteristic biometrics of the anatomical feature; (4) extracting a signature from the pixel level data of the image blocks, wherein the signature is unique to the first user and is used to distinguish the first user from a second user, and wherein the signature is extracted The signature includes creating a histogram of edge orientations in a plurality of image blocks; (5) determining a fraud attempt based on a three-dimensional characteristic of the anatomical feature and a plurality of stored user models, wherein the three-dimensional characteristic is based on comparing the flash image with the non-flash image, wherein the flash image and the non-flash image are The comparing includes determining a highlighted area and a shaded area in at least one of the flash image and the non-flash image to determine that at least one of the flash image and the non-flash image represents a 3D object or the anatomical feature a 2D representation; (6) rejecting the first user from accessing one or more of the resources based on the determination of the fraud attempt; and (7) storing the at least one of the plurality of images of the anatomical feature and the three-dimensional characteristic in the sample image set. 如請求項1之系統,其中該數位處理器進一步執行藉由選擇性地包含該解剖特徵之該至少一影像、該等影像塊之該像素級別資料及該簽章以使用新資料改良該等使用者模型,以擴充該至少一資料庫及該欺騙嘗試之該判定。The system of claim 1, wherein the digital processor further performs the at least one image selectively including the anatomical feature, the pixel level data of the image block, and the signature to improve the use using new data a model to augment the at least one database and the determination of the fraud attempt. 如請求項1之系統,其中該數位處理器進一步執行使用從該關注區域上之該等影像塊提取之描述符。A system as claimed in claim 1, wherein the digital processor further performs the use of descriptors extracted from the image blocks on the region of interest. 如請求項3之系統,其中該等描述符經編碼為高維稀疏向量且其中該等稀疏向量合併為至少一個群組。A system of claim 3, wherein the descriptors are encoded as high dimensional sparse vectors and wherein the sparse vectors are combined into at least one group. 如請求項1之系統,其中由一特徵包(Bag of Features)或多個特徵包表示計算該簽章。The system of claim 1, wherein the signature is calculated by a Bag of Features or a plurality of signature packages. 如請求項1之系統,其中該分析該解剖特徵之該閃光影像及該非閃光影像使用Haar Wavelets及AdaBoost演算法。The system of claim 1, wherein the flash image and the non-flash image analyzing the anatomical feature use Haar Wavelets and AdaBoost algorithms. 如請求項1之系統,其中該分析該解剖特徵之該閃光影像及該非閃光影像使用支援向量機、一迴旋神經網路或兩者。The system of claim 1, wherein the flash image and the non-flash image analyzing the anatomical feature use a support vector machine, a gyrotron network, or both. 如請求項1之系統,其中該等使用者模型包括由該第一使用者之解剖特徵影像之一集合計算之一統計模型。The system of claim 1, wherein the user models comprise a statistical model calculated from a set of anatomical feature images of the first user. 如請求項1之系統,其中該等使用者模型包括一高斯密度模型或高斯密度模型之一混合物。The system of claim 1, wherein the user models comprise a mixture of a Gaussian density model or a Gaussian density model. 如請求項1之系統,其中該等資源之至少一者遠離於該智慧型手機或駐留於該智慧型手機。The system of claim 1, wherein at least one of the resources is remote from the smart phone or resides in the smart phone. 如請求項10之系統,其中該等資源之該至少一者包括一應用程式或一資料庫。The system of claim 10, wherein the at least one of the resources comprises an application or a database. 如請求項1之系統,其中該第一使用者之兩個解剖特徵影像之個別簽章可一起使用於該欺騙嘗試之該判定。The system of claim 1, wherein the individual signatures of the two anatomical feature images of the first user are used together for the determination of the fraud attempt. 如請求項1之系統,其中進一步基於一或多個其他模態(modalities)拒絕存取該等資源之一或多者。A system as claimed in claim 1, wherein one or more of the resources are further denied based on one or more other modalities. 如請求項13之系統,其中該一或多個其他模態包括以下之一或多者:通行碼、安全問題、指紋辨識、面部辨識、虹膜辨識、書寫簽章辨識及其他生物特徵量測及非生物特徵量測模態。The system of claim 13, wherein the one or more other modalities comprise one or more of the following: passcode, security question, fingerprint identification, facial recognition, iris recognition, writing signature identification, and other biometric measurements and Non-biological feature measurement mode. 如請求項1之系統,其中該拒絕存取該等資源之一或多者係進一步基於選擇性地拒絕一或多個使用者進行一或多個交易。The system of claim 1, wherein the denying access to one or more of the resources is further based on selectively rejecting one or more users for one or more transactions. 如請求項1之系統,其中在該解剖特徵之一移動期間擷取該複數個影像之至少二者,且其中該三維特性係進一步基於該移動。A system of claim 1, wherein at least two of the plurality of images are captured during movement of one of the anatomical features, and wherein the three-dimensional characteristic is further based on the movement. 如請求項1之系統,其中該複數個影像包括閃光及非閃光影像之一序列,且其中該欺騙嘗試之該判定係進一步基於該閃光及非閃光影像之序列與先前記錄之閃光及非閃光影像之一序列間之一比較。The system of claim 1, wherein the plurality of images comprises a sequence of flash and non-flash images, and wherein the determining of the fraudulent attempt is further based on the sequence of the flash and non-flash images and the previously recorded flash and non-flash images One of the sequences is compared between one of the sequences. 如請求項1之系統,其中該欺騙嘗試之該判定係進一步基於該複數個影像之至少一者與該範例影像集合中之該第一使用者解剖特徵之至少一影像間之一比較。The system of claim 1, wherein the determining of the spoofing attempt is further based on comparing at least one of the plurality of images with at least one of the images of the first user anatomy in the set of sample images. 如請求項15之系統,其中一交易資訊或其他資料被嵌入於連續影像間之一或多個時間間隔之中,且其中該欺騙嘗試之該判定係進一步基於該交易資訊與該交易間之一比較。[0057] The system of claim 15, wherein a transaction information or other material is embedded in one or more time intervals between consecutive images, and wherein the determination of the fraudulent attempt is further based on the transaction information and one of the transaction rooms Comparison. 如請求項1之系統,其中該複數個影像之至少一者之擷取與一後續影像之擷取分隔一時間間隔,且其中該欺騙嘗試之該判定係進一步基於該時間間隔與先前記錄連續影像間之一先前時間間隔間之一比較。The system of claim 1, wherein the capture of at least one of the plurality of images is separated from the capture of a subsequent image by a time interval, and wherein the determining of the fraud attempt is based on the time interval and the previously recorded continuous image One of the previous time intervals is compared. 一種用於基於一深度學習方法提供選擇性存取與一智慧型手機連接可用之資源之由一智慧型手機實施之防欺騙方法,該方法包括: (a)使用與該智慧型手機相關聯並經組態以擷取一第一使用者之一解剖特徵之包括一閃光影像及一非閃光影像之複數個影像之至少一相機,其中在該解剖特徵並未實體接觸該智慧型手機下擷取該複數個影像;及 (b)使用與該智慧型手機相關聯並經組態以在該閃光影像之擷取期間發出一閃光之至少一閃光組件; (c)使用基於滑動窗之本端分類器及由自一範例影像集合學習之區辨本端特徵所形成之分類器來分析該解剖特徵之該閃光影像及該非閃光影像以藉由分類得分來標記解剖特徵及非解剖特徵像素; (d)使用一經訓練偵測器在該閃光影像及該非閃光影像中定位及分割該解剖特徵之一關注區域; (e)使用該關注區域中之小取樣窗以識別含有該解剖特徵之特性生物特徵之影像塊; (f)自該等影像塊之像素級別資料提取一簽章,其中該簽章係該第一使用者獨有且係用於區分該第一使用者與一第二使用者,且其中提取該簽章包括在複數個影像塊中創建邊緣定向之一直方圖; (g)基於該解剖特徵之一三維特性及複數個經儲存使用者模型判定一欺騙嘗試,其中該三維特性係基於該閃光影像及該非閃光影像間之一比較,其中該閃光影像及該非閃光影像間之該比較包括在該閃光影像及該非閃光影像之至少一者中判定一高亮區域及一陰影區域,以判定該閃光影像及該非閃光影像之至少一者表示一3D物件或一解剖特徵之一2D表示; (h)基於該欺騙嘗試之該判定拒絕該第一使用者存取該等資源之一或多者;及 (i)將該解剖特徵之該至少一影像儲存於該範例影像集合中。An anti-spoofing method implemented by a smart phone for providing selective access to a smart phone connection based on a deep learning method, the method comprising: (a) using at least one camera associated with the smart phone and configured to capture a plurality of images of a flash image and a non-flash image of an anatomical feature of the first user, wherein the anatomy The feature does not physically contact the smart phone to capture the plurality of images; and (b) using at least one flash component associated with the smart phone and configured to emit a flash during capture of the flash image; (c) analyzing the flash image of the anatomical feature and the non-flash image by using a localization classifier based on a sliding window and a classifier formed by the localization feature learned from a sample image set to classify the score Marking anatomical features and non-anatomical features of pixels; (d) locating and segmenting a region of interest of the anatomical feature in the flash image and the non-flash image using a trained detector; (e) using a small sampling window in the region of interest to identify image blocks containing characteristic biometric features of the anatomical feature; (f) extracting a signature from the pixel level data of the image blocks, wherein the signature is unique to the first user and is used to distinguish the first user from a second user, and wherein the signature is extracted Signature includes creating a histogram of edge orientation in a plurality of image blocks; (g) determining a fraud attempt based on a three-dimensional characteristic of the anatomical feature and a plurality of stored user models, wherein the three-dimensional characteristic is based on a comparison between the flash image and the non-flash image, wherein the flash image and the non-flash image The comparing includes determining a highlighted area and a shaded area in at least one of the flash image and the non-flash image to determine that at least one of the flash image and the non-flash image represents a 3D object or an anatomical feature a 2D representation; (h) refusing the first user to access one or more of the resources based on the determination of the fraud attempt; and (i) storing the at least one image of the anatomical feature in the sample image set.
TW108118753A 2013-10-11 2014-10-09 Anti-spoofing system and method for providing selective access to resources based on a deep learning method TWI727329B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201361890123P 2013-10-11 2013-10-11
US61/890,123 2013-10-11

Publications (2)

Publication Number Publication Date
TW201937392A true TW201937392A (en) 2019-09-16
TWI727329B TWI727329B (en) 2021-05-11

Family

ID=54198279

Family Applications (2)

Application Number Title Priority Date Filing Date
TW108118753A TWI727329B (en) 2013-10-11 2014-10-09 Anti-spoofing system and method for providing selective access to resources based on a deep learning method
TW103135263A TWI664552B (en) 2013-10-11 2014-10-09 System and method for biometric authentication in connection with camera-equipped devices

Family Applications After (1)

Application Number Title Priority Date Filing Date
TW103135263A TWI664552B (en) 2013-10-11 2014-10-09 System and method for biometric authentication in connection with camera-equipped devices

Country Status (2)

Country Link
AR (1) AR097974A1 (en)
TW (2) TWI727329B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI779418B (en) * 2019-12-11 2022-10-01 瑞士商Inait公司 Method of reading the output of an artificial recurrent neural network and computer-readable storage medium thereof
US11569978B2 (en) 2019-03-18 2023-01-31 Inait Sa Encrypting and decrypting information
US11580401B2 (en) 2019-12-11 2023-02-14 Inait Sa Distance metrics and clustering in recurrent neural networks
US11615285B2 (en) 2017-01-06 2023-03-28 Ecole Polytechnique Federale De Lausanne (Epfl) Generating and identifying functional subnetworks within structural networks
US11652603B2 (en) 2019-03-18 2023-05-16 Inait Sa Homomorphic encryption
US11651210B2 (en) 2019-12-11 2023-05-16 Inait Sa Interpreting and improving the processing results of recurrent neural networks
US11663478B2 (en) 2018-06-11 2023-05-30 Inait Sa Characterizing activity in a recurrent artificial neural network
US11797827B2 (en) 2019-12-11 2023-10-24 Inait Sa Input into a neural network
US11816553B2 (en) 2019-12-11 2023-11-14 Inait Sa Output from a recurrent neural network
US11893471B2 (en) 2018-06-11 2024-02-06 Inait Sa Encoding and decoding information and artificial neural networks
US11972343B2 (en) 2018-06-11 2024-04-30 Inait Sa Encoding and decoding information

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AR097974A1 (en) * 2013-10-11 2016-04-20 Element Inc SYSTEM AND METHOD FOR BIOMETRIC AUTHENTICATION IN CONNECTION WITH DEVICES EQUIPPED WITH CAMERA
TWI781226B (en) 2017-09-18 2022-10-21 美商艾勒門公司 Methods, systems, and media for detecting spoofing in mobile authentication
CA3133229C (en) 2019-03-12 2023-04-04 Element Inc. Detecting spoofing of facial recognition with mobile devices
US11507248B2 (en) 2019-12-16 2022-11-22 Element Inc. Methods, systems, and media for anti-spoofing using eye-tracking

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6178255B1 (en) * 1998-04-28 2001-01-23 Cross Match Technologies, Inc. Individualized fingerprint scanner
US6956608B1 (en) * 2000-08-11 2005-10-18 Identix Incorporated Fingerprint imaging device including an optical plate having microreflectors
US20030135764A1 (en) * 2002-01-14 2003-07-17 Kun-Shan Lu Authentication system and apparatus having fingerprint verification capabilities thereof
DE10315923A1 (en) * 2003-04-08 2004-10-28 Tbs Holding Ag Procedure to detect data of uneven surfaces for biometric data, using non-contact optical sensing of surface
US7474769B1 (en) * 2004-09-14 2009-01-06 Unisys Corporation Bioindex mechanism for increasing the relative speed of biometric identification against large population samples
US7660442B2 (en) * 2006-09-01 2010-02-09 Handshot, Llc Method and system for capturing fingerprints, palm prints and hand geometry
AR097974A1 (en) * 2013-10-11 2016-04-20 Element Inc SYSTEM AND METHOD FOR BIOMETRIC AUTHENTICATION IN CONNECTION WITH DEVICES EQUIPPED WITH CAMERA

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11615285B2 (en) 2017-01-06 2023-03-28 Ecole Polytechnique Federale De Lausanne (Epfl) Generating and identifying functional subnetworks within structural networks
US11663478B2 (en) 2018-06-11 2023-05-30 Inait Sa Characterizing activity in a recurrent artificial neural network
US11893471B2 (en) 2018-06-11 2024-02-06 Inait Sa Encoding and decoding information and artificial neural networks
US11972343B2 (en) 2018-06-11 2024-04-30 Inait Sa Encoding and decoding information
US11569978B2 (en) 2019-03-18 2023-01-31 Inait Sa Encrypting and decrypting information
US11652603B2 (en) 2019-03-18 2023-05-16 Inait Sa Homomorphic encryption
TWI779418B (en) * 2019-12-11 2022-10-01 瑞士商Inait公司 Method of reading the output of an artificial recurrent neural network and computer-readable storage medium thereof
US11580401B2 (en) 2019-12-11 2023-02-14 Inait Sa Distance metrics and clustering in recurrent neural networks
US11651210B2 (en) 2019-12-11 2023-05-16 Inait Sa Interpreting and improving the processing results of recurrent neural networks
US11797827B2 (en) 2019-12-11 2023-10-24 Inait Sa Input into a neural network
US11816553B2 (en) 2019-12-11 2023-11-14 Inait Sa Output from a recurrent neural network

Also Published As

Publication number Publication date
AR097974A1 (en) 2016-04-20
TWI727329B (en) 2021-05-11
TWI664552B (en) 2019-07-01
TW201528030A (en) 2015-07-16

Similar Documents

Publication Publication Date Title
JP6634127B2 (en) System and method for biometrics associated with a camera-equipped device
TWI727329B (en) Anti-spoofing system and method for providing selective access to resources based on a deep learning method
US10664581B2 (en) Biometric-based authentication method, apparatus and system
US10963552B2 (en) Method and electronic device for authenticating a user
Wojciechowska et al. The overview of trends and challenges in mobile biometrics
US10867022B2 (en) Method and apparatus for providing authentication using voice and facial data
Grafilon et al. A signature comparing android mobile application utilizing feature extracting algorithms
Singh et al. Adapted Facial Recognition And Spoofing Detection For Management Decision Making System: A Visually Impaired People Perspective
Zhang et al. Multifeature palmprint authentication
Nwannenna Design and development of a Multi-modal biometrics system with de-duplication functionality
Bennet et al. Performance & analysis of biometric security system & palm print steganographic techniques
El Nahal Mobile Multimodal Biometric System for Security
Yang A multi-stage non-cooperative iris recognition approach with enhanced template security