US20190034934A1

US20190034934A1 - Biometric payment

Info

Publication number: US20190034934A1
Application number: US16/048,039
Authority: US
Inventors: Joe Trelin; Matthew Snyder
Original assignee: Alclear LLC
Current assignee: Secure Identity LLC
Priority date: 2017-07-28
Filing date: 2018-07-27
Publication date: 2019-01-31
Also published as: US11935057B2; US11232451B2; US20230004983A1; US20210125187A1; US20230107755A1; US20220156749A1; US10922691B2; US11694204B2; US10534903B2; US20190384902A1; US11551223B2; US10515365B2; US20190236612A1; US20230385833A1; US11315117B2; US11797993B2; US20210125188A1; US10387635B2; US20190031145A1; US20230097112A1

Abstract

A biometric payment system device obtains a digital representation of a biometric, generates an abstract biometric identifier data structure using the digital representation of the biometric, receives a response from a biometric payment system based on a transmission of the abstract biometric identifier data structure, and completes a transaction based on the response. In some embodiments, a biometric payment system receives an abstract biometric identifier data structure from a biometric payment system device, generates a biometric template, determines an identity by providing the biometric template to a matching engine; and provides information associated with the identity to the biometric payment system device. In other embodiments, the biometric payment system determines a modality of the digital representation of the biometric, formats a biometric template for a matching engine, determines an identity using the matching engine, and provides information associated with the identity to the biometric payment system device.

Description

CROSS-REFERENCE TO RELATED APPLICATION

This application is a non-provisional patent application of and claims the benefit to U.S. Provisional Patent Application No. 62/538,418, filed Jul. 28, 2017, and titled “Biometric Payment;” U.S. Provisional Patent Application No. 62/545,511, filed Aug. 15, 2017, and titled “Biometric Pre-Identification;” and U.S. Provisional Patent Application No. 62/550,179, filed Aug. 25, 2017, and titled “Biometric Identification System Connected Vehicle;” the disclosures of which are hereby incorporated herein by reference in their entirety.

FIELD

The described embodiments relate generally to biometrics. More particularly, the present embodiments relate to biometric payment.

BACKGROUND

Biometric identification systems may identify people using biometrics. Biometrics may include fingerprints, irises, eyes, faces, voices, gaits, pictures, or other identifying characteristics about a person. A biometric identification system may capture a biometric using a biometric reader and identify a person by comparing the captured information against stored information. For example, a camera may capture an image of a fingerprint and compare the image of the fingerprint against stored fingerprint images.

SUMMARY

The present disclosure relates to systems that use abstract biometric identifiers (IDs). An abstract biometric ID may be a data structure that is formatted in a way that is recognizable by devices in a biometric identification system while being able to include one or more digital representations of biometrics and/or a variety of different information regarding the digital representation of the biometric, what to do with the digital representation of the biometric, and so on. By having a variety of different information in the uniform format of an abstract biometric ID, a biometric identification system can use abstract biometric ID data structures to provide a variety of different functions for a number of different applications to multiple different systems. The abstract biometric ID data structure may allow a biometric identification system to perform biometric identification of any number of biometrics and different types of biometrics. The abstract biometric ID data structure may also allow a biometric identification system to perform various different functions for a number of different systems. All of this may be possible due to the biometric identification system being able to use anything that has been formatted according to the expected abstract biometric ID data structure. Each requesting system may include whatever biometrics, specifications, and so on in the abstract biometric ID data structure and have the biometric identification system be able to respond as long as the biometrics, specifications, and so on are properly formatted in the abstract biometric ID data structure. This may allow the biometric identification system to more efficiently provide biometric identification and/or other services while using less computational resources that would otherwise be required to handle different kinds of requests. This may allow the biometric identification system to perform a variety of different functions that would otherwise not be possible due to needing separate entire system reconfiguration to add such functionality.
In various implementations, a biometric payment system device includes at least one non-transitory storage medium that stores instructions and at least one processor. The at least one processor executes the instructions to obtain a digital representation of a biometric, generate an abstract biometric identifier data structure using the digital representation of the biometric, receive a response from a biometric payment system based on a transmission of the abstract biometric identifier data structure, and complete a transaction based on the response.
In some examples, the abstract biometric identifier data structure includes the digital representation of the biometric. In various examples, the abstract biometric identifier data structure specifies a type of the digital representation of the biometric. In numerous examples, the abstract biometric identifier data structure specifies a target matching engine.
In various examples, the digital representation of the biometric is a first biometric representation and the abstract biometric identifier data structure includes the first biometric representation and a second biometric representation. In some such examples, the first biometric representation is an image and the second biometric representation is a data structure. In various such examples, the first biometric representation and the second biometric representation correspond to different types of biometrics.
In some implementations, a biometric payment system includes at least one non-transitory storage medium that stores instructions and at least one processor. The at least one processor executes the instructions to receive an abstract biometric identifier data structure from a biometric payment system device, the abstract biometric identifier data structure generated using a digital representation of a biometric; generate a biometric template corresponding to the digital representation of the biometric from the abstract biometric identifier data structure; determine an identity by providing the biometric template to a matching engine; and provide information associated with the identity to the biometric payment system device.
In various examples, the information includes a validated age of a person associated with the digital representation of the biometric. In some examples, the information includes a verified identity of a person associated with the digital representation of the biometric.
In numerous examples, the at least one processor communicates with a payment processing system. In some such examples, the information is a result of the at least one processor communicating with the payment processing system. In various such examples, the at least one processor communicates with the payment processing system to create a credit account for a person associated with the digital representation of the biometric.
In some examples, the abstract biometric identifier data structure includes a billing amount.
In numerous implementations, a biometric payment system includes at least one non-transitory storage medium that stores instructions and at least one processor. The at least one processor executes the instructions to receive an abstract biometric identifier data structure from a biometric payment system device, the abstract biometric identifier data structure generated using a digital representation of a biometric; determine a modality of the digital representation of the biometric from the abstract biometric identifier data structure; format a biometric template for a matching engine using the abstract biometric identifier data structure; determine an identity using the matching engine; and provide information associated with the identity to the biometric payment system device.
In some examples, the abstract biometric identifier data structure is a first abstract biometric identifier data structure, the digital representation of the biometric is a first digital representation of a first biometric, the biometric payment system device is a first biometric payment system device, the at least one processor is operable to receive a second abstract biometric identifier data structure from a second biometric payment system device, and the second abstract biometric identifier data structure is generated using a second digital representation of a second biometric. In some such examples, the first digital representation of the first biometric has a different modality than the second digital representation of the second biometric. In various such examples, the at least one processor uses a first matching engine for the first digital representation of the first biometric and a second matching engine for the second digital representation of the second biometric (and may determine the identity using a combination of results of the first and second matching engines). In numerous such examples, the first biometric is a fingerprint and the second biometric is at least a portion of a face.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure will be readily understood by the following detailed description in conjunction with the accompanying drawings, wherein like reference numerals designate like structural elements.

FIG. 1 depicts an example system for biometric payment that includes a point of sale or other device and/or credit card integration.

FIG. 2 depicts an example application programming interface client interaction for the system of FIG. 1.

FIG. 3 depicts an example application programming interface server interaction for the system of FIG. 1.

FIG. 4 depicts an example data structure that may be used for the abstracted biometric identifier in the system of FIG. 1.

FIG. 5 depicts an example process flow of the system of FIG. 1.

FIG. 6 depicts an example of matching engine abstraction that may be used in the present disclosure.

FIG. 7 depicts a first example method of biometric payment processing.

FIG. 8 depicts a second example method of biometric payment processing.

FIG. 9 depicts a third example method of biometric payment processing.

FIG. 10 depicts an example of functional relationships between components that may be used to implement the device and backend in the system of FIG. 1.

DETAILED DESCRIPTION

Reference will now be made in detail to representative embodiments illustrated in the accompanying drawings. It should be understood that the following descriptions are not intended to limit the embodiments to one preferred embodiment. To the contrary, it is intended to cover alternatives, modifications, and equivalents as can be included within the spirit and scope of the described embodiments as defined by the appended claims.
The description that follows includes sample systems, methods, apparatuses, and computer program products that embody various elements of the present disclosure. However, it should be understood that the described disclosure may be practiced in a variety of forms in addition to those described herein.
Biometric identification systems are typically configured for a static purpose. Devices are set to communicate in a particular way for a particular, static purpose. As part of that, the systems are typically statically configured to obtain a particular type of biometric in a particular way, process that expected type of biometric, and perform statically configured actions based on that unchanging process. Biometric identification systems are typically not able to handle biometric identification for different applications or systems, different types of biometrics, or perform different sets of actions based upon differing needs. Typically, changes (such as to the type of biometric, how to process the biometric, what to do upon identification) to the system necessitate reconfiguration of the entire system.
Further, biometric identification systems are typically limited in being able to perform biometric identification for outside systems out of privacy concerns for biometric information. As it would be undesirable to allow unauthorized access to biometrics, biometrics are often not shared between internal and external systems. These kinds of concerns limit the flexibility, functionality, and efficiency of biometric identification systems.
The following disclosure relates to systems that use abstract biometric identifiers (IDs). An abstract biometric ID may be a data structure that is formatted in a way that is recognizable by devices in a biometric identification system while being able to include one or more digital representations of biometrics and/or a variety of different information regarding the digital representation of the biometric, what to do with the digital representation of the biometric, and so on. By having a variety of different information in the uniform format of an abstract biometric ID, a biometric identification system can use abstract biometric ID data structures to provide a variety of different functions for a number of different applications to multiple different systems. The abstract biometric ID data structure may allow a biometric identification system to perform biometric identification of any number of biometrics and different types of biometrics. The abstract biometric ID data structure may also allow a biometric identification system to perform various different functions for a number of different systems. All of this may be possible due to the biometric identification system being able to use anything that has been formatted according to the expected abstract biometric ID data structure. Each requesting system may include whatever biometrics, specifications, and so on in the abstract biometric ID data structure and have the biometric identification system be able to respond as long as the biometrics, specifications, and so on are properly formatted in the abstract biometric ID data structure. This may allow the biometric identification system to more efficiently provide biometric identification and/or other services while using less computational resources that would otherwise be required to handle different kinds of requests. This may allow the biometric identification system to perform a variety of different functions that would otherwise not be possible due to needing separate entire system reconfiguration to add such functionality.
In various embodiments, a biometric payment system device obtains a digital representation of a biometric, generates an abstract biometric identifier data structure using the digital representation of the biometric, receives a response from a biometric payment system based on a transmission of the abstract biometric identifier data structure, and completes a transaction based on the response. In some embodiments, a biometric payment system receives an abstract biometric identifier data structure from a biometric payment system device, generates a biometric template, determines an identity by providing the biometric template to a matching engine; and provides information associated with the identity to the biometric payment system device. In other embodiments, the biometric payment system determines a modality of the digital representation of the biometric, formats a biometric template for a matching engine, determines an identity using the matching engine, and provides information associated with the identity to the biometric payment system device.
Various implementations relate to biometric payment systems. One or more biometrics (such as one or more fingerprints, irises, eyes, faces, voices, gaits, pictures or other digital representations thereof, hashes, encodings thereof, combinations thereof, and so on) may be obtained by one or more biometric readers associated with an electronic device. An application programming interface (API), software development kit (SDK), or other software of the electronic device may create one or more abstract biometric IDs based on the obtained biometric. The API may transmit the abstract biometric ID directly or indirectly to a backend or other electronic device, such as via an encrypted connection. The backend may determine the modality (e.g., type) of the abstract biometric ID, format the abstract biometric ID for a particular matcher based on the determined modality, and provide the formatted abstract biometric ID to the particular matcher. The matcher may identify a person based on the formatted abstract biometric ID and provide information regarding the identification to the backend. The backend may then communicate with the API and/or the associated electronic device and/or other devices to facilitate payment.
In this way, payment systems and/or associated devices may be more secure, flexible, faster, and capable of performing more functions than prior systems. Users may not be burdened with providing credit cards or other information for each and every purchase. Fraud may be reduced by restricting payment methods to authorized users. A single system may be operable to handle any number of different biometrics and/or combinations thereof without using redundant components and/or resources.
Biometric payment may be facilitated by identifying a person who provided the biometric, obtaining and/or providing payment information, obtaining and/or providing biographical information for the person, obtaining and/or providing age validation for the person, obtaining and/or providing criminal check information for the person, obtaining and/or providing risk score information for the person, creating a credit account for the person, processing payment for a transaction, and so on. Various configurations are possible and contemplated.
These and other embodiments are discussed below with reference to FIGS. 1-9. However, those skilled in the art will readily appreciate that the detailed description given herein with respect to these Figures is for explanatory purposes only and should not be construed as limiting.
The biometric payment technology of the present application may enable end users to pay for any good or service with or without carrying a phone or intermediary device. The present disclosure may abstract the biometric ID process, creating an abstract biometric ID that may be an image, a data structure, a hash, or any mathematical or computer based construct. The abstract biometric ID may represent any biometric type or modality. For example, abstract biometric ID may represent a finger, face, voice, iris, or gait, and so on. This may give the abstract biometric ID the ability to work with any hardware, any modality, or multiple modalities at a single time.
The abstract biometric ID, which may be secure in itself, may be further secured through a multiple of protocols including dual certification https, in-flight encryption, and non-redundant encryption. This may mean that the abstract biometric ID may be encrypted in-flight using different protocols each time.
The abstraction technology of the present disclosure may allow the abstract biometric ID to be integrated with any matching engine. A backend or other device that receives the abstract biometric ID may detect the biometric type of the abstract biometric ID and format the abstract biometric ID accordingly to the proper template (e.g., a format specified for and/or appropriate to the particular matcher that matches that biometric type, the formatting putting the abstract biometric ID into a form that the matcher can compare against a corresponding biometric database) of one or many templates for singular or parallel processing (abstract data structure and so on).
In the case of multi-modal abstract biometric IDs (such as a combination of a facial image, an iris, and a gait and/or any other such combination of different biometric types), the backend may detect each of the modalities, and run each of the modalities through an appropriate matcher or matching engine. Through the prioritization of modalities, scores, and statistical combinatorics, the backend may determine a most accurate and/or likely match (e.g., identify the person associated with the biometric).
An associated credit card or pre-existing payment instrument may or may not be associated with biometric payment as disclosed herein. Options for payment may include, but are not limited to, a credit card on file, a pre-existing credit balance, ACH, through credit based offline payments, the creation of a line of credit, and so on.
Upon transaction, the system discussed herein may simultaneously process payments and validate any number of additional factors. These additional factors may include, but are not limited to, validating age data, financial risk, criminality, terrorism, credit risk, opening a line of credit, and so on. In some implementations, the system discussed herein may be operable to open a line of credit to process a payment that has been otherwise declined.
Multiple biometric types may be accepted at a single point of contact. The backend may determine, using the same API call, which biometric type was used. The biometric API may use the abstract identifier by itself. In such cases, no additional information or hints may be required.
The biometric payment system discussed herein may or may not use a point of sale (POS) device or system. In some implementations, the system may integrate into commercial POS systems.
The biometric payment system may include libraries that enable the rapid reading and transmission of biometrics. Such libraries may be included for Android™, iOS™, Windows™, and/or other operating systems.
The system may perform credit risk checks. This may allow for offline payments.
By using a “centralized” backend (i.e., a single system that various POS or other devices may connect to for biometric payment, not necessarily a single device as the backend may be one or more computing devices that may interact to perform the functions discussed herein such as one or more cloud computing configurations, cooperative processing configurations, and so on) for identity verification, biometrics may be registered once, in any location, and reused across different ecosystems. In other words, any number of different devices using the API or software may transmit abstract biometric IDs to the backend without people needing to separately register the associated biometric at each device.
The backend technology may retrieve biometric data from any repository of biometric information. In some cases, the backend may store such a repository. In other cases, the repository may be stored remotely.
The backend technology may distribute and/or limit credit card access to improve security and maintain payment card industry (PCI) compliance. The backend technology may also distribute and/or limit access to other payment options, other private information for identified people, and so on.
FIG. 1 depicts an example system 100 for biometric payment that includes point of sale or other device 101 and/or credit card integration. Users may enter one or more biometrics into any biometric reader 102 (such as one or more still image or video cameras, fingerprint scanners, and/or any other device that may be used to capture biometric information) of a device 101. The device 101 may stand alone, be integrated into an on-premises POS, or be on a mobile device. There may be multiple devices present.
An API may reside in an application that is integrated into the device 101 or connected devices. Examples of such devices 101 may include, but are not limited to, a point of sale device, a mobile device, tablet, or any other computer device. The API may receive the data from the device 101 and may generate and send an abstracted, encoded biometric identifier to a backend 103 or API gateway. This abstract biometric ID may be of any form or structure (e.g., a hash and so on), may involve serialization or packetizing of a digital representation of the biometric, and/or various other processing. The abstract biometric ID may be unreadable on its own, may be of any modality (type of biometric), from any hardware. It may be sent via dual certificate HTTPS and on-the-fly unique encryption to the backend.
The backend 103 may decrypt the transmission, interpret the modality or modalities of the data structure of the abstract biometric ID, and dynamically create templates or formats associated with any number of matchers or matching engines 104 that are compliant with the sent modality or modalities. The matching engine 104 may execute on the backend 103 and/or on another device with which the backend 103 is operable to communicate.
The matching engine 104 may retrieve biometric information from any biometric repository, including the backend's own repository. In the case of multi-modal abstract biometric IDs, the backend 103 may detect each of the modalities, run each of them through the proper matching engine(s) 104 and through the prioritization of modalities, scores, statistical combinatorics, and so on, determine a most accurate and/or likely match (e.g., identify a person associated with the biometric).
If the abstract biometric ID is identified, the abstract biometric ID may be simultaneously and/or otherwise sent to a number of information, validation, and/or other services or servers 105 a-105 f. Such services or servers may include, but are not limited to, an age validation service, a terrorist risk service, a criminality service, a wanted list, a credit check service, a payment engine, a line of credit account validation service, and so on.
The API may return data (which may be received from the backend 103) that indicates one or all of the requested information. For example, requested information may include, but is not limited to, whether the individual has an approved purchase, if they're of a specific age (such as twenty-one for purchase of alcohol or gambling services), if they have a risk score that indicates either a criminal or terrorist risk factor (e.g., money laundering), if they have an approved line of credit, and so on. This return may be formatted in a variety of ways. For example, the return may be itemized, with or without explanation, be a single decline with or without an explanation, be a risk score that can be assessed per merchant either through human intervention or through code written in the POS, and so on. The API may also return results, explanations, or codes based upon predefined rules, logic, algorithms, and so on.
FIG. 2 depicts an example application programming interface client interaction 200 for the system 100 of FIG. 1. It is understood that this is provided for the purposes of example. In various implementations, other interactions may be performed, whether by an application programming interface client, other software, and so on.
210: Any biometric reader or device may be used. The device may be stand-alone, embedded in a mobile device, part of or attached to a tablet, computer, point of sale system, and so on. Rapid biometric IDs may be integrated in POS systems, including those based on Windows™, Android™, iOS™, and so on. The API may be included in an application that is connected to the device or embedded in the device.
220: The technology discussed herein may be designed to abstract the biometric ID process. This may create an abstract biometric ID that may be an image, a data structure, a hash, or any mathematical or computer based construct. The abstract biometric ID may represent any biometric type or modality. Examples include, but are not limited to, a finger, face, voice, iris or gait. This may give the disclosed system the ability to work with any hardware, any modality, or multiple modalities at a single time.
230: The abstract biometric ID, secure in itself, may be further secured through a multiple of protocols. This may include, but is not limited to, dual certification https, in-flight encryption, non-redundant encryption, and so on. This may mean that the abstract biometric ID is encrypted in-flight using different protocols each time.
FIG. 3 depicts an example application programming interface server interaction 300 for the system 100 of FIG. 1. Again, it is understood that this is provided for the purposes of example. In various implementations, other interaction may be performed, whether by an application programming interface server, a backend, other devices, and so on.
340: The abstract biometric ID may be unencrypted and cast to the proper modality. In the case of multi-modal abstract biometric IDs, the modality of each may be detected.
350: The abstract biometric ID may then be converted to the proper template format for a matching engine(s) appropriate for the detected modality. Each abstract biometric ID may be run through the appropriate matching engine(s) and through the prioritization of modalities, scores, statistical combinatorics, and so on to determine the most accurate match.
360: The person associated with the biometric may be identified. In some cases, a person may not be identified as the biometric may not have been registered with the system or the biometric repository. In such a case the backend may return an error, prompt for an enrollment process, and/or perform various other actions related to a failed identification.
370: Prior to returning the identification, the abstract biometric ID may be sent to various services or servers in order to return various requested or other information. Services or servers may include, but are not limited to, a risk score, a credit account creation, payment engine, a criminal data check, and so on.
380: Return identification data and associated information. This may be returned to the API, the device associated with the API, an associated device, and so on.
FIG. 4 depicts an example data structure 400 that may be used for the abstracted biometric identifier in the system 100 of FIG. 1. The data structure may include a header 401. Such a header 401 may include a machine identifier, a biometric type, a specification of a targeting matching engine(s), and so on. The data structure may also include a biometric object 402 or digital representation thereof, such as an image, data structure, blob, and so on. The data structure may also include a cast type 403, an object structure self-describing identifier 404, metadata 405 (such as a time stamp, location, or the like), and so on.
FIG. 5 depicts an example process flow 500 of the system 100 of FIG. 1. As shown, software on the POS or other device 101 may perform various actions related to the biometric. These may include analysis on the quality and type of the biometric, automatic capture based on highest quality, tagging with metadata for processing hints to the API, and so on.
The abstract biometric ID and/or other payload provided by the API may include capture of one or more biometric modalities, billable amounts, biometric capture quality indications, biometric template and/or processing hints or directions, times of capture, device details, other related metadata, and so on. The response may include identity confirmation or rejection, age validation or rejection, payment approval or rejection, risk score threshold approval or rejection, purchase throttling (e.g., a limit on an amount of alcohol or other controlled item that may be purchased in a particular time frame), and so on.
As shown, identity determination may use the formatted abstract biometric ID, template, or other processed version of the abstract biometric ID to determine identity using a number of different methods 501-503. A first method 501 may be a high fidelity modality method. In such a method 501, the identity determination may determine and extract biometrics and then perform identification through a matching engine 104.
A second method 502 may be a mixed modality method. In such a method 502, biometrics may be determined and extracted from a higher fidelity modality or higher quality biometric, a first identification may be performed through a matching engine 104 associated with the determined and extracted biometric, and a remaining modality or modalities may be used to perform a second identification from a reduced gallery resulting from the first identification (such as where a facial recognition is used as a first identification to generate a reduced biometric gallery for comparison of irises).
A third method 503 may be an intelligent gallery reduction method. In such a method 503, biometrics may be determined and extracted; metadata, hints, and caller information may be used to generate a limited biometric gallery for comparison, and the determined and extracted biometric may be identified against the generated limited biometric gallery for increased matching accuracy.
It is understood that this first method 501, second method 502, and third method 503 are provided for the purpose of example. Identity determination may be performed using a variety of different methods without departing from the scope of the present disclosure.
As further illustrated, an identity service 505 may provide biographical information retrieval, age validation, risk analysis, and so on. A payment gateway 506 may provide functions such as payment processing, payment throttling (e.g., limits to the amount of money that may be charged to various payment accounts whether within a particular time limit or in general), and so on.
Again, it is understood that the example process flow 500 of FIG. 5 is provided for the purposes of example. In various implementations, the system 100 of FIG. 1 and/or other systems or devices that use various techniques of the present disclosure may perform a variety of different processes with various process flows without departing from the scope of the present disclosure.
For example, an example system may identify a person based on a biometric as discussed above. A backend may store payment information for the person. In some implementations, the backend may store actual payment account identifiers, such as credit card numbers, that the backend may pass (and/or interact with the API or associated device to pass) to a payment processing system. In other implementations, the backend may store an identifier that may be provided to a payment system to identify an actual payment account identifier stored by the payment system, thus isolating the backend from actual payment account identifiers. In still other implementations, the backend may be operable to pass the determined identity to a payment processing system which may itself determine actual payment account identifiers based on the provided identity. Regardless, as a result in such examples, the return may include a confirmation of whether or not payment has been accepted.
In various implementations of such cases, the payment processing system may provide a response that payment is declined. In such a case, the backend may be operable to communicate with one or more systems to determine if the person is a sufficient credit risk to create a new payment account and process payment using the new payment account. In such a case, the new payment account may be created using information obtained using the determined identity such as a name of the person, a social security number of the person, an address of the person, an annual income of the person, and so on.
In some implementations, a POS may attempt to prevent payment fraud by obtaining a risk score for a person in addition to processing payment. In such an implementation, the backend may communicate with various servers to determine a risk score for the person that indicates a risk of whether or not there could be a problem with the person's payment. For example, a person could have a valid credit card, but may frequently dispute charges. This may be indicated to the POS, which may decline the transaction even if it is possible to process payment.
In numerous implementations, the products related to the biometric payment may require some kind of validation based on the person's identity. For example, purchase of alcohol may be limited to people who are twenty-one years of age or older. By way of another example, purchase of firearms may be limited to people who have not been convicted of a violent crime. By way of another example, a person may be required to have a valid driver's license in order to rent an automobile. As part of biometric payment, the backend may communicate with various servers to verify the person's age, criminal background, license status, and/or other information in order to validate the transaction based on the determined identity of the person.
In various implementations, purchase of certain kinds of cold remedies may be tracked by authorities. As part of biometric payment, the backend may communicate with various servers to determine that the person has not exceeded an amount of allowable product that the person can purchase, is not barred from purchasing such products, and so on. The backend may also update various servers that monitor purchase of such products so that data regarding such products purchased by the person are up to date.
In some implementations, the backend may be configured to perform a number of different processes, such as one or more of the above. Rather than receiving an abstract biometric identifier and then providing a response, the backend may interact with the API and/or the associated device in order to determine whether or not to perform various other actions besides determining identity, such as payment processing, age validation, credit account creation, risk score determination, criminal check, obtaining biographical information, and so on.
In numerous implementations, the techniques disclosed herein may be used for processes other than biometric payment. For example, the biometric identification discussed above may be used to identify a person and validate their age for purposes of entry into a casino, bar, or other age-restricted area, as a prerequisite for providing the person alcohol or other age restricted products in a non-payment situation, and so on. Various configurations are possible and contemplated without departing from the scope of the present disclosure.
FIG. 6 depicts an example of matching engine abstraction 600 that may be used in the present disclosure. This may be performed by the backend 102 discussed with respect to FIGS. 1-3. As illustrated, the abstract biometric ID 400 may be provided to a matching engine gateway 601. The matching engine gateway 601 may provide the abstract biometric ID 400 to one or more adapters 602 associated with a particular matching engine 104 (e.g., a software development kit or API associated with the particular matching engine). The adapter associated with the particular matching engine 104 may format the abstract biometric ID and/or information contained therein into a template 603 or format that the particular matching engine 104 is configured to work with. The template 603 may then be provided to the particular matching engine 104, which may then perform matching on the template to determine the identity of the person associated with the abstract biometric ID 400 from which the template 603 was generated.
For example, the matching engine gateway 601 may provide an abstract biometric ID 400 associated with the face of a person to a facial matching engine adapter 602 associated with a matching engine 104 provided by Innovatrics™. By way of another example, the matching engine gateway 601 may provide an abstract biometric ID 400 associated with the face of a person to a facial matching engine adapter 602 associated with a matching engine 104 provided by Chui™. By way of still another example, the matching engine gateway 601 may provide an abstract biometric ID 400 associated with the face of a person to a facial matching engine adapter 602 associated with a matching engine 104 provided by Rank One Computing™. By way of yet another example, the matching engine gateway 601 may provide an abstract biometric ID 400 associated with the fingerprint of a person to a fingerprint matching engine adapter 602 associated with a matching engine 104 provided by Innovatrics™. In still another example, the matching engine gateway 601 may provide an abstract biometric ID 400 associated with the fingerprint of a person to a fingerprint matching engine adapter 602 associated with a matching engine 104 provided by BioMoRF Systems Limited™. In yet another example, the matching engine gateway 601 may provide an abstract biometric ID 400 associated with the iris of a person to an iris matching engine adapter 602 associated with a matching engine 104 provided by FotoNation™.
FIG. 7 depicts a first example method 700 of biometric payment processing. The first example method 700 may be performed using the system 100 of FIGS. 1-3. For example, the first example method 700 may be performed by the device 101.
At 710, a biometric may be obtained. At 720, an abstract biometric ID may be generated based on the biometric. At 730, the abstract biometric ID may be sent to a backend or other device.
At 740, it is determined whether or not a response is received. If not, the flow proceeds to 750 where a response is waited for before determining again whether or not a response is received at 740. Otherwise, the flow proceeds to 760 where the transaction may be completed based on the received response.
In various examples, this example method 700 may be implemented as a group of interrelated software modules or components that perform various functions discussed herein. These software modules or components may be executed by one or more computing devices. For example, these software modules or components may be executed by the device 101.
Although the example method 700 is illustrated and described as including particular operations performed in a particular order, it is understood that this is an example. In various implementations, various orders of the same, similar, and/or different operations may be performed without departing from the scope of the present disclosure.
For example, 710 is illustrated and described as obtaining a biometric. However, in various implementations, a digital representation of a biometric may be obtained. Various configurations are possible and contemplated without departing from the scope of the present disclosure.
In various embodiments, a biometric payment system device may include at least one non-transitory storage medium that stores instructions and at least one processor. The at least one processor may execute the instructions to obtain a digital representation of a biometric, generate an abstract biometric identifier data structure using the digital representation of the biometric, receive a response from a biometric payment system based on a transmission of the abstract biometric identifier data structure, and complete a transaction based on the response.
In some examples, the abstract biometric identifier data structure may include the digital representation of the biometric. In various examples, the abstract biometric identifier data structure may specify a type of the digital representation of the biometric. In numerous examples, the abstract biometric identifier data structure may specify a target matching engine.
In various examples, the digital representation of the biometric may be a first biometric representation and the abstract biometric identifier data structure may include the first biometric representation and a second biometric representation. In some such examples, the first biometric representation may be an image and the second biometric representation may be a data structure. In various such examples, the first biometric representation and the second biometric representation may correspond to different types of biometrics.
FIG. 8 depicts a second example method 800 of biometric payment processing. The second example method 800 may be performed by the system 100 of FIGS. 1-3. For example, the first example method 700 may be performed by the backend 103 of the system 100 of FIGS. 1-3.
At 810, an abstract biometric ID may be received (such as from the API of FIGS. 1-3). At 820, a modality of the abstract biometric ID may be determined. At 830, the abstract biometric ID may be formatted for an appropriate matching engine based on the determined modality. At 840, the identity may be determined using the formatted abstract biometric ID and the appropriate matching engine. The flow then proceeds to 850 where information based on the determined identity may be returned (such as to the API of FIGS. 1-3).
In various examples, this example method 800 may be implemented as a group of interrelated software modules or components that perform various functions discussed herein. These software modules or components may be executed by one or more computing devices. For example, these software modules or components may be executed by the backend 103 of the system 100 of FIGS. 1-3.
Although the example method is illustrated and described as including particular operations performed in a particular order, it is understood that this is an example. In various implementations, various orders of the same, similar, and/or different operations may be performed without departing from the scope of the present disclosure.
For example, 840 is illustrated and described as determining the identity of a person associated with the abstract biometric ID by matching biometric information in the formatted abstract biometric ID with stored biometric information using the appropriate matching engine. However, in some cases, the abstract biometric ID may be associated with a person for whom no biometric information is stored. In such a situation, it may instead be concluded that identity cannot be ascertained. In some implementations, this may trigger presentation of an opportunity to enroll the person in a biometric identification system.
In numerous embodiments, a biometric payment system may include at least one non-transitory storage medium that stores instructions and at least one processor. The at least one processor may execute the instructions to receive an abstract biometric identifier data structure from a biometric payment system device, the abstract biometric identifier data structure generated using a digital representation of a biometric; determine a modality of the digital representation of the biometric from the abstract biometric identifier data structure; format a biometric template for a matching engine using the abstract biometric identifier data structure; determine an identity using the matching engine; and provide information associated with the identity to the biometric payment system device.
In some examples, the abstract biometric identifier data structure may be a first abstract biometric identifier data structure, the digital representation of the biometric may be a first digital representation of a first biometric, the biometric payment system device may be a first biometric payment system device, the at least one processor may be operable to receive a second abstract biometric identifier data structure from a second biometric payment system device, and the second abstract biometric identifier data structure may be generated using a second digital representation of a second biometric. In some such examples, the first digital representation of the first biometric may have a different modality than the second digital representation of the second biometric. In various such examples, the at least one processor may use a first matching engine for the first digital representation of the first biometric and a second matching engine for the second digital representation of the second biometric (and may determine the identity using a combination of results of the first and second matching engines). In numerous such examples, the first biometric may be a fingerprint and the second biometric may be at least a portion of a face.
FIG. 9 depicts a third example method 900 of biometric payment processing. The third example method 900 may be performed by the system 100 of FIGS. 1-3. For example, the first example method 700 may be performed by the backend 103.
At 910 an abstract biometric ID may be received (such as from the API of FIGS. 1-3). At 920, the abstract biometric ID may be converted to a template based on a modality of the abstract biometric ID. At 930, a person may be identified based on running the template through a corresponding matching engine. At 940, it may be determined whether or not to obtain other information based on the determined identity (such as payment information, biographical information, age validation, criminal checks, credit account creation, risk score, and so on). If not, at 950 a response based on the determined identity may be sent (such as to the API of FIGS. 1-3). Otherwise, the flow proceeds to 960.
At 960, after it is determined to obtain other information based on the determined identity, the determined identity may be provided to one or more other servers. At 970, information may be received related to the provided identity. At 980, the information may be added to the response that is sent at 950.
In various examples, this example method 900 may be implemented as a group of interrelated software modules or components that perform various functions discussed herein. These software modules or components may be executed by one or more computing devices. For example, these software modules or components may be executed by the backend 103 of the system 100 of FIGS. 1-3.
Although the example method 900 is illustrated and described as including particular operations performed in a particular order, it is understood that this is an example. In various implementations, various orders of the same, similar, and/or different operations may be performed without departing from the scope of the present disclosure.
For example, 940-960 is illustrated and described as obtaining the other information from one or more other servers and including the other information in response. However, it is understood that this is an example. In various implementations, the other server may respond directly and the other information may not be included in the response. Various configurations are possible and contemplated without departing from the scope of the present disclosure.
In some embodiments, a biometric payment system may include at least one non-transitory storage medium that stores instructions and at least one processor. The at least one processor may execute the instructions to receive an abstract biometric identifier data structure from a biometric payment system device, the abstract biometric identifier data structure generated using a digital representation of a biometric; generate a biometric template corresponding to the digital representation of the biometric from the abstract biometric identifier data structure; determine an identity by providing the biometric template to a matching engine; and provide information associated with the identity to the biometric payment system device.
In various examples, the information may include a validated age of a person associated with the digital representation of the biometric. In some examples, the information may include a verified identity of a person associated with the digital representation of the biometric.
In numerous examples, the at least one processor may communicate with a payment processing system. In some such examples, the information may be a result of the at least one processor communicating with the payment processing system. In various such examples, the at least one processor may communicate with the payment processing system to create a credit account for a person associated with the digital representation of the biometric.
In some examples, the abstract biometric identifier data structure may include a billing amount.
Aspects of the present disclosure may be performed by one or more devices, such as one or more computing devices, that may be configured as part of a system. For example, one or more computing devices that perform one or more aspects of this disclosure may be part of a cloud computing system, cooperative computing arrangement, and so on. Such devices may include one or more processing units, one or more non-transitory storage media (which may take the form of, but is not limited to, a magnetic storage medium; optical storage medium; magneto-optical storage medium; read only memory; random access memory; erasable programmable memory; flash memory; and so on), and/or other components. The processing unit may execute one or more instructions stored in the non-transitory storage medium to perform one or more processes that utilize one or more of the techniques disclosed herein for biometric payment.
For example, FIG. 10 depicts an example 1000 of functional relationships between components that may be used to implement the device 101 and backend 103 in the system 100 of FIG. 1. The device 101 may include one or more processing units 1001 or other processors or controllers, biometric readers 102 (which may be incorporated into and/or external to the device 101), communication units 1002, non-transitory storage media 1003, and so on. The processing unit 1001 may execute instructions stored in the non-transitory storage medium 1003 in order to perform various functions. Such functions may include, but are not limited to, obtaining biometric information using the biometric reader 102, creating one or more abstract biometric IDs, communicating with the backend 103 using the communication component 1002, receiving transaction requests, processing transaction requests, and so on.
Similarly, the backend 103 may include one or more processing units 1005 or other processors or controllers, communication units 1006, non-transitory storage media 1007, and so on. The processing unit 1005 may execute instructions stored in the non-transitory storage medium 1007 in order to perform various functions. Such functions may include, but are not limited to, communicating with the device 101 and/or one or more servers 105 a-f using the communication component 1006, receiving one or more abstract biometric IDs, determining the modality of an abstract biometric ID, formatting an abstract biometric ID for a matching engine, converting an abstract biometric ID to a template, determining identity using an abstract biometric ID, returning information, and so on.
The present disclosure recognizes that biometric and/or other personal data is owned by the person from whom such biometric and/or other personal data is derived. This data can be used to the benefit of those people. For example, biometric data may be used to conveniently and reliably identify and/or authenticate the identity of people, access securely stored financial and/or other information associated with the biometric data, and so on. This may allow people to avoid repeatedly providing physical identification and/or other information.
The present disclosure further recognizes that the entities who collect, analyze, store, and/or otherwise use such biometric and and/or other personal data should comply with well-established privacy policies and/or privacy practices. Particularly, such entities should implement and consistently use privacy policies and practices that are generally recognized as meeting or exceeding industry or governmental requirements for maintaining security and privately maintaining biometric and/or other personal data, including the use of encryption and security methods that meets or exceeds industry or government standards. For example, biometric and/or other personal data should be collected for legitimate and reasonable uses and not shared or sold outside of those legitimate uses. Further, such collection should occur only after receiving the informed consent. Additionally, such entities should take any needed steps for safeguarding and securing access to such biometric and/or other personal data and ensuring that others with access to the biometric and/or other personal data adhere to the same privacy policies and practices. Further, such entities should certify their adherence to widely accepted privacy policies and practices by subjecting themselves to appropriate third party evaluation.
Additionally, the present disclosure recognizes that people may block the use of, storage of, and/or access to biometric and/or other personal data. Entities who typically collect, analyze, store, and/or otherwise use such biometric and and/or other personal data should implement and consistently prevent any collection, analysis, storage, and/or other use of any biometric and/or other personal data blocked by the person from whom such biometric and/or other personal data is derived.
As described above and illustrated in the accompanying figures, the present disclosure relates to systems that use abstract biometric identifiers (IDs). An abstract biometric ID may be a data structure that is formatted in a way that is recognizable by devices in a biometric identification system while being able to include one or more digital representations of biometrics and/or a variety of different information regarding the digital representation of the biometric, what to do with the digital representation of the biometric, and so on. By having a variety of different information in the uniform format of an abstract biometric ID, a biometric identification system can use abstract biometric ID data structures to provide a variety of different functions for a number of different applications to multiple different systems. The abstract biometric ID data structure may allow a biometric identification system to perform biometric identification of any number of biometrics and different types of biometrics. The abstract biometric ID data structure may also allow a biometric identification system to perform various different functions for a number of different systems. All of this may be possible due to the biometric identification system being able to use anything that has been formatted according to the expected abstract biometric ID data structure. Each requesting system may include whatever biometrics, specifications, and so on in the abstract biometric ID data structure and have the biometric identification system be able to respond as long as the biometrics, specifications, and so on are properly formatted in the abstract biometric ID data structure. This may allow the biometric identification system to more efficiently provide biometric identification and/or other services while using less computational resources that would otherwise be required to handle different kinds of requests. This may allow the biometric identification system to perform a variety of different functions that would otherwise not be possible due to needing separate entire system reconfigurations to add such functionality.
In the present disclosure, the methods disclosed may be implemented as sets of instructions or software readable by a device. Further, it is understood that the specific order or hierarchy of steps in the methods disclosed are examples of sample approaches. In other embodiments, the specific order or hierarchy of steps in the method can be rearranged while remaining within the disclosed subject matter. The accompanying method claims present elements of the various steps in a sample order, and are not necessarily meant to be limited to the specific order or hierarchy presented.
The described disclosure may be provided as a computer program product, or software, that may include a non-transitory machine-readable medium having stored thereon instructions, which may be used to program a computer system (or other electronic devices) to perform a process according to the present disclosure. A non-transitory machine-readable medium includes any mechanism for storing information in a form (e.g., software, processing application) readable by a machine (e.g., a computer). The non-transitory machine-readable medium may take the form of, but is not limited to, a magnetic storage medium (e.g., floppy diskette, video cassette, and so on); optical storage medium (e.g., CD-ROM); magneto-optical storage medium; read only memory (ROM); random access memory (RAM); erasable programmable memory (e.g., EPROM and EEPROM); flash memory; and so on.
The foregoing description, for purposes of explanation, used specific nomenclature to provide a thorough understanding of the described embodiments. However, it will be apparent to one skilled in the art that the specific details are not required in order to practice the described embodiments. Thus, the foregoing descriptions of the specific embodiments described herein are presented for purposes of illustration and description. They are not targeted to be exhaustive or to limit the embodiments to the precise forms disclosed. It will be apparent to one of ordinary skill in the art that many modifications and variations are possible in view of the above teachings.

Claims

What is claimed is:

1. A biometric payment system device, comprising:

at least one non-transitory storage medium that stores instructions; and

at least one processor that executes the instructions to:

obtain a digital representation of a biometric;

generate an abstract biometric identifier data structure using the digital representation of the biometric;

receive a response from a biometric payment system based on a transmission of the abstract biometric identifier data structure; and

complete a transaction based on the response.

2. The biometric payment system device of claim 1, wherein the abstract biometric identifier data structure includes the digital representation of the biometric.

3. The biometric payment system device of claim 1, wherein the abstract biometric identifier data structure specifies a type of the digital representation of the biometric.

4. The biometric payment system device of claim 1, wherein the abstract biometric identifier data structure specifies a target matching engine.

5. The biometric payment system device of claim 1, wherein:

the digital representation of the biometric is a first biometric representation; and

the abstract biometric identifier data structure includes the first biometric representation and a second biometric representation.

6. The biometric payment system device of claim 5, wherein:

the first biometric representation is an image; and

the second biometric representation is a data structure.

7. The biometric payment system device of claim 5, wherein the first biometric representation and the second biometric representation correspond to different types of biometrics.

8. A biometric payment system, comprising:

at least one non-transitory storage medium that stores instructions; and

at least one processor that executes the instructions to:

receive an abstract biometric identifier data structure from a biometric payment system device, the abstract biometric identifier data structure generated using a digital representation of a biometric;

generate a biometric template corresponding to the digital representation of the biometric from the abstract biometric identifier data structure;

determine an identity by providing the biometric template to a matching engine; and

provide information associated with the identity to the biometric system payment device.

9. The biometric payment system of claim 8, wherein the information includes a validated age of a person associated with the digital representation of the biometric.

10. The biometric payment system of claim 8, wherein the information includes a verified identity of a person associated with the digital representation of the biometric.

11. The biometric payment system of claim 8, wherein the at least one processor communicates with a payment processing system.

12. The biometric payment system of claim 11, wherein the information comprises a result of the at least one processor communicating with the payment processing system.

13. The biometric payment system of claim 11, wherein the at least one processor communicates with the payment processing system to create a credit account for a person associated with the digital representation of the biometric.

14. The biometric payment system of claim 8, wherein the abstract biometric identifier data structure includes a billing amount.

15. A biometric payment system, comprising:

at least one non-transitory storage medium that stores instructions; and

at least one processor that executes the instructions to:

determine a modality of the digital representation of the biometric from the abstract biometric identifier data structure;

format a biometric template for a matching engine using the abstract biometric identifier data structure;

determine an identity using the matching engine; and

provide information associated with the identity to the biometric payment system device.

16. The biometric payment system of claim 15, wherein:

the abstract biometric identifier data structure comprises a first abstract biometric identifier data structure;

the digital representation of the biometric comprises a first digital representation of a first biometric;

the biometric payment system device comprises a first biometric payment system device;

the at least one processor is operable to receive a second abstract biometric identifier data structure from a second biometric payment system device; and

the second abstract biometric identifier data structure is generated using a second digital representation of a second biometric.

17. The biometric payment system of claim 16, wherein the first digital representation of the first biometric has a different modality than the second digital representation of the second biometric.

18. The biometric payment system of claim 16, wherein the at least one processor uses:

a first matching engine for the first digital representation of the first biometric; and

a second matching engine for the second digital representation of the second biometric.

19. The biometric payment system of claim 18, wherein the at least one processor determines the identity using a combination of results of the first and second matching engines.

20. The biometric payment system of claim 16, wherein:

the first biometric comprises a fingerprint; and

the second biometric comprises at least a portion of a face.