WO2002017114A1 - Biometric authentication - Google Patents

Publication number: WO2002017114A1
Authority: WO, WIPO (PCT)
Prior art keywords: biometric, referee, digital certificate, composing, certificate
Application number: PCT/AU2001/001063
Other languages: French (fr)
Inventors: Steve Toneguzzo, Aftab Rizvi
Original Assignee: The Toneguzzo Group Pty Limited
Application filed by: The Toneguzzo Group Pty Limited
Priority to AU2001281601A
Publication of WO2002017114A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/30 Individual registration on entry or exit not involving the use of a pass
    • G07C9/32 Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/37 Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition

Abstract

Biometric information is encoded into digital signatures and digital certificates. Means are disclosed for issuing such signatures or certificates based upon confirmation of identity. Confirmation may be made by a referee in real time so that the digital signature or certificate is issued immediately. Confirmation may be made in a kiosk or vending machine environment, through a secure connection with a referee.

Description

BIOMETRIC AUTHENTICATION

TECHNICAL FIELD
The present invention pertains to digital certificates and more particularly to a digital certificate that incorporates biometric data, as well as methods and apparatus for generating it.

BACKGROUND ART
A unique digital certificate assists in verifying the identity of a natural person as a sender of e-mail or other form of electronic correspondence or electronic transaction. For digital certificates to become a mandatory and viable requirement for engaging in electronic transactions, there will need to be a method that better identifies the natural person uniquely.
Whilst the currently known Public Key Infrastructure (PKI), certificate and signature concepts are sound, the sub-optimal authentication of the owner of the certificate is a failing of current digital signatures.

DISCLOSURE OF THE INVENTION
The invention pertains to a verifiably unique certificate which combines a conventional digital certificate with (a) data derived from bio-metric information and optionally (b) statistical data or bona fides (e.g. age, security classification, licence information, medical conditions).
The invention also provides management of the authentication processes.

MODES FOR CARRYING OUT THE INVENTION
A Public Key Infrastructure is a combination of hardware and software products, policies and procedures. A PKI is based on digital IDs known as digital certificates, which act like 'electronic passports'. A typical PKI should consist of:
(a) A security policy for establishing top-level security, as well as the processes and principles for the use of cryptography. It is essentially the rules by which an administering organisation will handle keys and valuable information.
(b) Certificate Practice Statement (CPS). This is a document defining the operational procedures on how the security policy will be enforced and supported in practice, how certificates are issued, accepted and revoked, and how keys will be generated, registered and certified, where they will be stored, and how they will be made available to users.
(c) Certificate Authority (CA). The CA system is the trust basis of a PKI as it manages public key certificates for their whole life cycle. The CA issues certificates by binding the identity of a user or system to a public key with a digital signature. The CA establishes the schedule of expiry dates for certificates and ensures certificates are revoked when necessary by publishing Certificate Revocation Lists (CRLs). When implementing a PKI, an organisation can either operate its own CA system, or use the CA service of a Commercial CA or Trusted Third Party.
(d) Authentication Centre (AC) and Virtual Authentication Centre (VAC). An AC provides an optional intermediary between the user and the CA. It captures and authenticates the identity of the users and submits the certificate request to the CA. A VAC, by contrast, provides an optional intermediary between the user and the CA when the user submits the request for a certificate remotely, using facilities provided at locations approved by the authentication centre (e.g. designated computing device, vending machines).
(e) PKI-enabled Applications.
A PKI is a means to an end, providing the security framework by which PKI-enabled applications can be confidently deployed to achieve the end benefits, in this case the generation and use of a digital certificate which incorporates a unique biometric of its users.
The certificate is generated as follows:
(a) The inputs may include: applicant's name, biometric data, address, country, date of birth, drivers licence number, social security number, passport number, tax-file number, birth certificate number and location of birth, public key of CA, official descriptor, expiry date, other data.
(b) The inputs are manipulated through an algorithm to produce a unique identification number.
(c) The CA identifier (assigned by the root CA) and the CA's URL are appended to the identification number to form a globally unique certificate.
(d) The certificate may incorporate a compliance seal. The compliance seal is a flag or image data, which the certificate carries in a readable field. The field may carry an image or cause a browser or plug-in to display an image. The image may be depicted within a browser window or as part of the browser. The compliance seal may be available (visual, mechanical, audible) on the browser or on the resource. Associated with the availability of the compliance seal is a link to the issuing CA (for example, this link will take the user to the home page of the CA, from which complaints may be lodged, the CPS may be available, etc).
In addition to generally accepted privacy and security guidelines (e.g. Guidelines issued by Defence Signals Directorate, Australia), special security arrangements should be made to secure the public/private key pair for the CA and the resources (hardware and software) involved in the production and delivery of the biometric certificate. Strong encryption would be implied in delivering the biometric certificate from the CA to the user.

Certificate Practice Statement
Whole or part of this document (CPS) may, or may not be, publicly available.
The CPS document will consist of, but is not limited to, procedures for the following:
(a) PKI Infrastructure.
(b) Organisational relationships.
(c) Public policy and legislative matters.
(d) AC and CA standard operating internal controls and procedures.
(e) Privacy Policy.
(f) Security classifications.
(g) Codes of conduct.
(h) Fees and charges.
(i) List of acceptable bona-fides for all stakeholders.
(j) Application for certificate.
(k) Method of generating a unique certificate number.
(l) Generation and security of digital certificate.
(m) Procedure for manual authentication and issue.
(n) Procedure for virtual authentication and issue.
(o) Procedure for use of a certificate.
(p) Requirements to be a referee.
(q) Auditing prior to application.
(r) Ongoing auditing.
(s) Terms and conditions.
(t) Rules of use.
(u) Delivery of digital certificate and seal.
(v) Revocation of digital certificate and seal.
(w) Distribution and usage of revocation and attribute tables.
(x) Frequently asked questions.
(y) User help.
(z) Complaints mechanisms.
(aa) Metrics and statistical analysis.
(bb) Distribution, installation, operation and security of applications.
(cc) General information.
(dd) Enforcement mechanisms and penalties.
(ee) Any other applicable information.
(ff) Renewal in the event of an accident, plastic surgery or genetic therapy.
(gg) Maintenance of audit trails.
(hh) Eligibility criteria for witnesses and digital referees.
(ii) Criteria, guidelines and responsibility of the accredited organizations acting as digital referees.
Accordingly, the invention provides a method of combining the existing digital certificate technology with any one or a combination of (a) data derived from bio-metric information and (b) statistical data (e.g. age, security classification, licence information, medical conditions).
The invention also provides management of the authentication processes.
The certificate of the present invention incorporates a signature derived from an algorithm which operates on biometric data, such as genetic input, blood type, facial data, finger or iris image data, voice data, etc. The certificate also includes a uniquely allocated number or signature of the authenticating authority, a check digit or crc.
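Generation steps (a) to (c) and the check value and authority signature described above, sketched as an added example that is not code from the patent. SHA-256, the length-prefixed field encoding, the "|" layout and HMAC-SHA-256 standing in for the CA's public-key signature are assumptions, as are CA_ID, CA_URL, CA_KEY and the constructed sample applicant.

```python
import hashlib
import hmac
import zlib

# Constructed sample values: none of these come from the patent.
CA_ID = "CA-0001"                  # hypothetical identifier assigned by the root CA
CA_URL = "https://ca.example/cps"  # hypothetical CA URL
CA_KEY = b"constructed-demo-key"   # stand-in for the CA's signing key

SAMPLE_APPLICANT = {
    "name": b"Alex Example",
    "date_of_birth": b"1970-01-01",
    "country": b"AU",
    # Assumed to be a fixed enrolment template. Two live captures of the same
    # finger or face differ bit for bit, so hashing raw samples would not
    # reproduce the identification number.
    "biometric_template": bytes.fromhex("00112233445566778899aabbccddeeff"),
}


def identification_number(fields):
    """Step (b): derive one identification number from all inputs.

    Names and values are length-prefixed and hashed in sorted order, so
    {"ab": b"c"} and {"a": b"bc"} can never produce the same hash input.
    """
    h = hashlib.sha256()
    for name in sorted(fields):
        for part in (name.encode(), fields[name]):
            h.update(len(part).to_bytes(4, "big"))
            h.update(part)
    return h.hexdigest()


def _crc(body):
    return format(zlib.crc32(body.encode()), "08x")


def _sign(body, key):
    # HMAC is a symmetric stand-in; a real CA would use a public-key signature.
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()


def compose_certificate(fields, key=CA_KEY):
    """Step (c): append the CA identifier and URL, then add CRC and signature."""
    body = f"{identification_number(fields)}|{CA_ID}|{CA_URL}"
    return {"body": body, "crc": _crc(body), "authority_sig": _sign(body, key)}


def crc_ok(cert):
    """Transmission check only: detects accidental corruption of the body."""
    return _crc(cert["body"]) == cert["crc"]


def authority_sig_ok(cert, key=CA_KEY):
    """Integrity check: only the holder of the CA key can produce this value."""
    return hmac.compare_digest(_sign(cert["body"], key), cert["authority_sig"])


def matches_applicant(cert, fields):
    """Recompute the identification number from presented inputs and compare."""
    ident = cert["body"].split("|", 1)[0]
    return hmac.compare_digest(ident, identification_number(fields))


def corruption_and_alteration_checks():
    """Return (crc_ok, authority_sig_ok) for three versions of one certificate."""
    cert = compose_certificate(SAMPLE_APPLICANT)
    # One character damaged in transit.
    damaged = dict(cert, body=cert["body"][:-1] + "X")
    # Body changed and CRC recomputed to match; the signature is left as issued.
    altered_body = cert["body"].replace(CA_ID, "CA-9999")
    altered = dict(cert, body=altered_body, crc=_crc(altered_body))
    return {
        "intact": (crc_ok(cert), authority_sig_ok(cert)),
        "damaged": (crc_ok(damaged), authority_sig_ok(damaged)),
        "altered": (crc_ok(altered), authority_sig_ok(altered)),
    }


if __name__ == "__main__":
    print(compose_certificate(SAMPLE_APPLICANT))
    print(corruption_and_alteration_checks())
```

The altered case shows why the CRC serves only as a transmission check: anyone can recompute it, so integrity has to rest on the authority's signature.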
The certificate of the present invention may be securely stored in electronic, optical, magnetic, physical, biological or printed form.
Four methods of obtaining an authenticated biometric certificate are as follows:
(a) Remotely with authentication supplied via "trusted" parties who have an established digital signature, i.e. "digital referee". The fact that a party is eligible to be a digital referee may be an attribute of their digital signature.
(b) Remotely with authentication supplied via the provision of acceptable data or facsimile of acceptable documents which is subject to verification through the data or document issuing authorities as referee.
(c) Remotely, by assessing documents presented by the applicant, and confirmed via trusted third parties.
(d) In person with authentication supplied via the provision of acceptable data or acceptable documents, which may be subject to verification through the data issuing authorities as referee.
These methods are explained in the following examples:
Example 1: A candidate person presents themselves in front of a live digital biometric sampling device at a location approved by the certification authority (e.g. vending machine) and establishes a secure link, such as a network connection, with digital referees accompanying that person into a virtual authentication centre (VAC). A digital referee is a person who is a current biometric certificate user and who can verify, in real time, the identity of an applicant based on live biometric data (and perhaps other data) or other bona fides (such as documents, other digital certificates etc.) offered by the applicant during (in real time) the authentication process. The term "real time" is used here as including network lag and data transit time and means simply: as fast as the network technology will reasonably allow. The referees observe the image (or other data) of the person and optionally confirm the answers to a few questions asked of the person. The referee may also confirm, live, the taking of a biometric by the candidate. A genetic sample may be taken, the proper sampling being confirmed by the referee, and analysed and transformed into digital data. A positive ID from the referee results in a certificate being issued immediately. The certificate is preferably created using an algorithm which operates on the same biometric data offered by the applicant and used by the referee for the verification. In this example, the attendance of a digital referee would either have to be pre-arranged or may be conducted in real time through the aid of a device. That device (e.g. phone or mobile computer) may transmit the digital referee's signature, it may capture a biometric image of the digital referee or it may ask certain questions of the referee based on the signature attributes or other data. Essentially there must be a mechanism to authenticate a digital referee in real time if the attendance of the digital referee to the digital authentication centre has not been pre-arranged.
Example 2: A person presents themselves in front of a live digital biometric sampling device (e.g. digital or optical recording equipment) at a location approved by the certification authority (e.g. kiosk, vending machine etc.) and establishes a secure link with a virtual authentication centre. In the absence of referees, questions might be asked based on electronically available information (e.g. credit card statement, phone bill, etc). In the alternative, a representative of an organization that issues or has authorised access to photo IDs may act as the digital referee by comparing the live image to networked stored resources, such as a company's stored image, and optionally asking questions related to data within their or another database and providing only verification of identity or refusal to the VAC. Verification by the referee, in real time, results in the certificate being issued.
Example 3: A person presents themselves in front of a live digital biometric sampling device at a location approved by the certification authority (e.g. vending machine) and establishes a secure link with a virtual authentication centre. A static image of the applicant's face on a facsimile of a drivers licence or passport or other approved document (optionally scanned by the machine) is transmitted to the virtual interviewer at the virtual authentication centre. The passport and/or driver's licence or other document details are verified by the virtual certification centre by comparing the applicant's transmitted document image with the live transmission of the applicant's image. If verified, both are then optionally compared to an image provided by the issuer of the document against the issuing authority's transmission of the same image of the supporting documents, and a positive match results in the certificate being subsequently issued.
Example 4: A person presents themselves in the physical authentication centre (offices of the certificate issuing authority or its agents). The person fills in the application form for the biometric digital certificate and submits it with the original driver's licence, the passport or other approved documents to the issuing officer. The applicant is presented in front of a live digital biometric sampling device and a photograph or biometric data is taken. The passport and/or driver's licence or other documents are verified by the authentication centre against the issuing authority of the supporting documents and a certificate is issued on verification of these documents.
In use, the recipient of the user's certification may wish to verify that it was the user, and not an impostor, that sent the certificate. This requires that the recipient challenge the user to provide:
(a) Information uniquely known to the user;
Recipient initiates a new transaction between VAC and user. VAC pushes a browser window (or equivalent means of communication) to user. User answers VAC's questions. VAC verifies the answers and notifies the recipient whether the actual user is online or someone else is using the user's certificate.
(b) Information gleaned from electronic records about the user;
By prior arrangement/consent, details of electronic information such as phone bill or credit card details, etc. are conveyed to VAC for real time use between VAC and user. VAC may ask a few questions from the electronic information they have. If the user's response is correct, VAC sends the confirmation to the recipient that the user online is the actual user; otherwise a negative response is sent to the recipient.
(c) Real time verification using networked equipment;
The applicant is verified in real time using the equipment, e.g., digital recorder, finger print or genetic sampling device, etc. attached to the applicant's networked equipment, at the request of the recipient or at random intervals.
It will be understood that a person's biometrics may change. When obtaining the certificate, a user may be compelled to agree to update their biometric-containing certificate in the event that a biometric altering event (BAE) occurs before the expiry of the certificate. A BAE may be genetic therapy, plastic surgery, disfiguring injury, etc. This also applies to the alteration of any data field embodied in the certificate such as date of birth, name, address, etc.

Industrial Application
At the present time there is great concern amongst governments and industry over the ability to identify the country of origin and age of an individual wishing to partake in internet gambling. This patent, effectively implemented, would provide a viable solution to the exclusion of minors and to not permitting residents of certain jurisdictions to play prohibited games, by providing reliable and secure authentication of a user.

Claims

1. A digital certificate, for use by a person, wherein: the certificate incorporates data derived from an algorithm which operates on bio-metric information which identifies the person.
2. The digital certificate of claim 1, wherein: the data is in the form of a digital signature derived from the algorithm which operates on biometric including any one of the group comprising: facial image data, genetic information, blood type information, finger or iris image.
3. A method of composing a digital certificate, comprising the steps of: establishing a secure connection between a digital referee and a person; using the referee to confirm a biometric presented to the referee in real time; issuing the certificate if the referee can confirm the biometric.
4. The method of composing a digital certificate of claim 3, further comprising the step of: using the referee to confirm a bona fide or other biometric presented to the referee in real time; issuing the certificate if the referee can confirm the bona fide or other biometric.
5. The method of composing a digital certificate of either of claims 3 or 4, wherein: the biometric or other biometric is operated on by the algorithm and thereby incorporated into the digital certificate.
6. The method of composing a digital certificate of either of claims 3 or 4, further comprising the step of: authenticating the referee to the person in real time.
7. The method of composing a digital certificate of either of claims 3 or 4, wherein: the method occurs in real time and results in a digital certificate that the person can access immediately.
8. The method of composing a digital certificate of either of claims 3 or 4, wherein: the biometric or bona fide or other biometric is an approved document which is compared by the referee to a stored networked resource.
9. The method of composing a digital certificate of claim 8, wherein: the stored network resource is obtained from an agency that issued the approved document.
10. The method of composing a digital certificate of either of claims 3 or 4, wherein: the referee confirms the biometric or bona fide other biometric with reference to networked stored resources in real time.
11. The method of composing a digital certificate of claim 4, wherein: biometric or bona fide or other biometric data is obtained from the person in real time and data about it is incorporated into the certificate.
12. The method of composing a digital certificate of either of claims 3 or 4, wherein: the method is practiced utilising a vending machine or kiosk to submit the biometric or other biometric to the referee.
13. The method of composing a digital certificate of either of claims 3 or 4, wherein: the biometric or bona fide or other biometric is an approved document which is transmitted to the referee and compared by the referee to a live transmission from the person.
14. The method of composing a digital certificate of claim 13, wherein: the referee then confirms the biometric or bona fide or other biometric with reference to networked stored resources in real time.
15. The method of composing a digital certificate of either of claims 3 or 4, wherein: the referee confirms a challenge question put to the person by the referee in real time.
16. The method of composing a digital certificate of claim 15, wherein: the challenge question is either composed or conferred by reference to electronic resources accessible to the referee in real time.
17. A method of composing a digital signature, comprising the steps of: obtaining a biometric of a person; incorporating the biometric into a digital signature derived from an algorithm which operates on the biometric, the biometric comprising any one of the group of: facial image data, genetic information, blood type information, finger or iris image.
18. A method of composing a digital certificate, comprising the steps of: obtaining a digital signature as claimed in claim 17; then incorporating the signature into a digital certificate.
PCT/AU2001/001063 2000-08-25 2001-08-27 Biometric authentication WO2002017114A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001281601A AU2001281601A1 (en) 2000-08-25 2001-08-27 Biometric authentication

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AUPQ9692 2000-08-25
AUPQ9692A AUPQ969200A0 (en) 2000-08-25 2000-08-25 Biometric authentication

Publications (1)

Publication Number Publication Date
WO2002017114A1 (en) 2002-02-28

Family

ID=3823746

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2001/001063 WO2002017114A1 (en) 2000-08-25 2001-08-27 Biometric authentication

Country Status (2)

Country Link
AU (1) AUPQ969200A0 (en)
WO (1) WO2002017114A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5712914A (en) * 1995-09-29 1998-01-27 Intel Corporation Digital certificates containing multimedia data extensions
EP0859488A2 (en) * 1997-02-18 1998-08-19 Arcanvs Method and apparatus for authenticating electronic documents
WO1998050875A2 (en) * 1997-05-09 1998-11-12 Gte Government Systems Corporation Biometric certificates

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2397153A (en) * 2003-01-11 2004-07-14 Francis Muir Kerrigan Handwritten signature check to allow use of digital certificate
EP2053777A1 (en) * 2006-08-18 2009-04-29 Huawei Technologies Co., Ltd. A certification method, system, and device
EP2053777A4 (en) * 2006-08-18 2009-09-02 Huawei Tech Co Ltd A certification method, system, and device
WO2023174091A1 (en) * 2022-03-14 2023-09-21 胡金钱 Home-based business startup pre-authentication apparatus and home-based business startup pre-authentication method

Also Published As

Publication number Publication date
AUPQ969200A0 (en) 2000-09-21

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
32PN Ep: public notification in the ep bulletin as address of the addressee cannot be established

Free format text: COMMUNICATION PURSUANT TO RULE 69 EPC (EPO FORM 1205A DATED 28.05.2003)

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP