CN100437635C - Secure biometric verification of identity - Google Patents

Secure biometric verification of identity Download PDF


Publication number
CN100437635C CN 03825009 CN03825009A CN100437635C CN 100437635 C CN100437635 C CN 100437635C CN 03825009 CN03825009 CN 03825009 CN 03825009 A CN03825009 A CN 03825009A CN 100437635 C CN100437635 C CN 100437635C
Grant status
Patent type
Prior art keywords
identification card
Prior art date
Application number
CN 03825009
Other languages
Chinese (zh)
Other versions
CN1695163A (en )
Original Assignee
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Grant date



本发明公开了一种高安全性身份识别卡,包括用于存储生物数据的卡上存储器,用于获取现场生物数据的卡上传感器。 The present invention discloses a high-security identification card comprising a biometric data stored on a memory card, the card sensor for acquiring biometric data field. 卡上的卡上处理器执行匹配操作,以验证获取的生物数据与本地保存的生物数据的匹配。 The processor on the card performs a matching operation on the card to verify the matching of the acquired biometric data stored locally biological data. 仅当存在正确的匹配时,其它数据才可以从卡中传出以做附加验证和/或进一步处理。 Only when there is a correct match, other data can be spread to additional verification and / or further processing from the card. 优选地,卡与ISO智能卡(ISOSmartCard)兼容。 Preferably, ISO cards and smart cards (ISOSmartCard) compatible. 在一个实施例中,ISO智能卡起防火墙的作用,用于保护用来保存和处理受保护生物数据的安全处理器免遭通过ISO智能卡接口进行的外部恶意攻击。 In one embodiment, the smart card ISO plays the role of a firewall for protecting the security processor used to store and process the protected biometric data from the external interface of the smart card by the ISO malicious attacks. 在另一实施例中,安全处理器插于ISO智能卡接口和无变更ISO智能卡处理器之间并一直阻止任何外部通讯直到用户的指纹已经与先前注册的指纹相匹配为止。 In another embodiment, the security processor is inserted between the ISO smart card interface and no change has been ISO smart card processor and blocks any external communications until the user's fingerprint matches the fingerprint has been previously registered so far. 当用户将其手指放到指纹传感器上方时,实时反馈被提供,从而有助于手指在传感器上方进行最佳放置。 When the user put his finger over the fingerprint sensor, real-time feedback is provided to facilitate optimal placement finger over the sensor. 卡可以用来启动与交易网络的通讯或获得进入安全区域的物理通道。 Card can be used to communicate with the start of trading network or gain access to the physical channel security zone.


安全的生物身份m^ Safe biological identity m ^


本发明基于如下临时申请,2002年9月10日提交的第60/409,716号(巻号为7167- 102P1 )、 2002年9月10日提交的第60/409,715号(巻号为7167- 103P)、 2002年11月27日提交的第60/429,919号(巻号为7167- 104P)、 2002年12月13日提交的第60/433,254号(巻号为7167- 105P)、 2003年7月3日提交的第60/484,692号(巻号为7167 - 106P),并且要求这些申请的优先权, 这些申请的全部内容结合于此作为参考。 The present invention is based on provisional application No. 60 / 409,716 September 10, 2002 filed (Volume No. 7167- 102P1), No. 60 / 409,715 September 10, 2002 filed (Volume No. 7167- 103P) 2002 November 27 filed No. 60 / 429,919 (Volume No. 7167- 104P), No. 60 / 433,254 December 13, 2002 filed (Volume No. 7167- 105P), July 3, 2003 No. 60 / 484,692 filed on (Volume No. 7167 - 106P), and claims priority of these applications, the entire contents of which are incorporated herein by reference.

技术领域 FIELD

本申请涉及用于保护数据和保护数据免遭未授权访问的装置和方法。 The present application relates to data protection and data protection method and apparatus from unauthorized access.

背景技术 Background technique

计算机化特别是互联网技术已经提供了对包括财务数据、医疗凄t据、个人凌t据的不断增长的数据访问,这意p木着加速了金融和其它交易,其中保密彰:据;故进行更新或者交换。 Computerized especially the Internet technology has provided financial data including, sad t medical data, personal data t Ling growing data access, which means p wooden accelerated financial and other transactions in which confidential Chang: It is; it is carried out update or exchange.

通常用口令来维持这些数据的保密性;然而,口令经常是基于 Typically with a password to maintain the confidentiality of such data; however, passwords are frequently based on

易于猜测并且根本就不安全的出生日期或者电话号码。 Easy to guess and did not secure birth date or telephone number. 此外,即使是复杂的随机生成的口令也经常能被轻易窃取。 Furthermore, even a complicated randomly generated passwords are often easily be stolen. 基于口令的数据访问系统因而容易受到非法攻击,从而给工业和经济,甚至给人的生命带来危险和损害。 Data access password-based system and thus vulnerable to the illegal attack, giving the industry and the economy, even dangerous and harm human life. 因此,需要一种改良的方法,用于保护数据和保护数据免遭未授权访问。 Accordingly, a need for an improved method for securing data and protecting data from unauthorized access. 生物数据可以包括难以获取但是容易分析的精密细节(例如指紋细节序列),或者容易获取^f旦是难以分析的整体图案(例如相邻指紋螺紋的空间特性)。 Biological data may include, but are difficult to obtain easier to analyze fine detail (e.g. minutia sequence), or readily available denier ^ f is difficult to analyze the overall pattern (e.g., the spatial characteristics of adjacent fingerprint threads).

加密算法需要^f又对授权用户有效的数字密钥。 Encryption algorithm requires ^ f and authorized users valid digital key. 没有正确的密钥,只有投入足够的时间和处理资源,而且即便如此,只有当未加密数据的某些特征是已知的(或者至少是可预知的)时,加密数据才可以;故解密成可用格式。 When the correct key is not only put enough time and processing resources, and even then, only if certain characteristics of the unencrypted data are known (or at least are predictable), the encrypted data can only; it is decrypted into available formats.

曰本公开专利申请第60-029868号(日期1985年2月15曰, 申请人为Tamio SAITO ),提出一种个人识别系统,其使用一种具有用于记录从持卡人处获得的加密生物凄t据的集成存4渚器的身份识别卡。 He said this Patent Application No. 60-029868 discloses (date of 15 February 1985 said, the applicant of Tamio SAITO), proposed a personal identification system that uses an encryption having biological sad for recording obtained from the cardholder integrated memory according to t 4 For an identification card. 生物数据可以包括声波紋、指紋、外貌特征、和/或生物检验。 Biological data may include a voiceprint, fingerprint, physical characteristics, and / or biological assays. 使用中,卡中数据被读取和解密,用于与从出示该卡的人处获取的相应数据进行比较。 In use, the card is read and decrypted data, for comparison with the corresponding data obtained from the person who presented the card. 该系统使得注册人可被高准确度地确定识别。 The system enables the registrant may be determined with high accuracy recognition. 然而,因为生物凄t据是通过外部设备获得和处理的,所以难以保护存储在卡上的信息免遭可能发生的改变和/或身份盗用。 However, since the biological data is a sad t obtained and processed by external equipment, it is difficult to change the protection and / or identity information is stored on the card against possible theft.

已经提出了一种改良的身份识别卡,其包括卡上的数据驱动多处理器芯片,以提供同时加密和隔离存储在卡上的生物数据的硬件防火墙,从而提供更好的保护来防止未经授权而改变存储数据。 It has been proposed an improved identification card, which includes a data card drive on multiprocessor chip to encrypt and provide isolation stored on the card hardware firewall biological data, thereby providing better protection to prevent unauthorized authorized to change the stored data. 然而,实际的匹配程序是在同样的获取现场(live)生物数据的外部读卡器终端上寺丸^f亍的,因而仍然潜在地容易受到外部欺诈才乘作的攻击。 However, the actual matching program is acquired on the same site (live) biometric data of an external card reader terminal Temple pill ^ f right foot, and thus still potentially vulnerable to external fraud only multiply for attacks.


高安全性身份识别卡的第一实施例不仅包括用于存储生物数据的卡上(on-board,又称片上或板上)存储器,而且包括用于捕获现场生物凄t据的卡上传感器。 A first embodiment of a high security identification card includes not only the biometric data stored on the card (on-board, also known as on-board or chip) memory, but also on the card live biometric sensor for capturing data desolate t. 远程认证系统维护包括生物教:据的安全数据库。 Remote authentication system maintenance, including biological teach: data security database. 卡上的卡上处理器冲丸4亍初步的匹配操作,以—验证所4甫 The processor on the card 4 red pellet right foot preliminary matching operation to the card - the verification just 4

获的生物数据与本地生物存储数据是否匹配。 Whether biometric data stored biological data obtained with the local match. 仅当存在正确的本地匹配时,任何获取的数据或任何敏感的存储数据才可以发送到远程认证系统用于附加的验证和/或进一步处理。 Only when there is a correct local match, any acquired data or any sensitive stored data can be sent to the remote authentication system for additional verification and / or further processing. 作为对于恶意攻击的进 As for malicious attacks into

一步保护,本地存储数据优选不同于远程存储数据,并且优选地佳: 本地匹配和远程匹配采用不同的匹配算法。 Further protect, locally stored data is preferably different from the remote data storage, and preferably good: no local match and the remote match different matching algorithms. 因而即使卡、本地存^诸数据、和/或与卡连接的本地终端遭受损害,很可能地,远程认证系统仍然能够发觉入侵企图。 Thus even if the card, local store ^ various data, and / or local terminal and card connections suffer damage, probably, the remote authentication system is still able to find intrusion attempts.

第二实施例也包括用于存储生物数据的卡上存储器、用于捕获 The second embodiment also includes a memory storing biometric data on the card for capturing

现场生物凄t据的卡上传感器、以及卡上处理器;然而,在该实施例中,整个匹配程序由卡上处理器来执行,并且生物原始获取数据和存储在卡上存卡者器中的任何其它"私有"信息对于任何外部程序都是不可访问的。 Live biometric sensor on the card t desolate data, and the card processor; however, in this embodiment, the whole matching procedure executed by the card processor, memory cards and the biological raw data acquired and stored on the card's vessel any other "private" information for any external programs are inaccessible. 替代地,响应于在新获取的生物数据和先前获取的生物数据之间的成功匹配,仅产生一个验证信息。 Alternatively, in response to a successful match between the newly captured biometric data and the biometric data previously acquired, authentication information is generated only one. 验证信息使得该卡功能类似于依据了传统的个人身份号码(PIN)的登录(logon) 成功/不成功的传统ISO智能卡的方式,但是其具有由更多的安全验证程序所提供的附加的安全性。 Authentication information so that the card based login function is similar to the traditional personal identification number (PIN) of the (logon) successful / unsuccessful of the traditional ISO smart cards, but with an additional safety by a more secure verification procedures provided sex. 在任一实施例中,生物存储数据和任何相关的本地存储的加密算法或者加密密钥优选地在最初授予持卡人时载入卡中,其方式为阻止任何将来的外部访问,从而进一步增强了生物存储数据和整个验证程序的完整性。 In either embodiment, the biological data stored in and any associated locally stored encryption algorithm or encryption key is preferably initially loaded into the card holders granted in such a way to prevent any future external access, thereby further enhancing the and biological integrity of the stored data of the entire verification process.

在一个实施例中,ISO智能卡起到防火墙的作用,用于保护用来存储和处理受保护生物数据的安全处理器免于遭受通过ISO智能卡才妄口进4亍的外部恶意攻击。 In one embodiment, the smart card ISO firewall functions for protection for storage and processing by the secure processor protected biometric data from the smart card to the ISO subjected to jump into the outer mouth 4 right foot malicious attacks. 在另一个实施例中,安全处理器插于ISO智能卡4妄口和没有经过》务改的ISO智能卡处理器之间,并一直阻止4壬4可外部通信直到用户的指紋已经与先前注册的指紋相匹配为止。 Embodiment, the security processor is a smart card inserted in the ISO and the port 4 without jump between "traffic changed ISO smartcard processor, and has external communication can prevent 4 4 nonyl user's fingerprint until a fingerprint has been previously registered with another embodiment match so far. 在具有卡上指紋匹配能力的高安全性身f分识别卡的一个优选实施例中,当用户将其手指放到指紋传感器上方时,实时反馈被提供,从而有助于手指在传感器上方进行最佳放置。 In high security on the card body having f fingerprint matching capability of a sub-tag is the preferred embodiment, when a user put his finger over the fingerprint sensor, real-time feedback is provided to facilitate finger over the sensor in the most good placement. 该反馈不仅降低 This not only reduces feedback

区别的附加方法,从而进一步减少了错误否定和/或错误肯定的可能性。 Additional methods of difference, thereby further reducing false negatives and / or the possibility of false positives. 在另一个优选实施例中,指紋传感器被保持在提供额外稳定性的载体中。 In another preferred embodiment, the fingerprint sensor is retained in the carrier to provide additional stability.

在一个示范性应用中,将获耳又到的生物数据和/或持卡人的身份 In one exemplary application, and the ear will be given to the biometric data and / or the identity of the cardholder

标志在^(壬4可对〗呆密凄史4居在线访问的4受4又之前或者在4壬4可用于完成安全交易的自动化程序之前进行加密,然后输入到包括金融机构和单独的认证服务器的交易网络中。在另一个示范性应用中,将卡的输出用于获得进入安全区域的物理通道。在任一应用中,成功的和不成功的访问企图的i己录都可以^^f呆存在卡上或者外部安全月良务器上,或者在两者上都保存。 Logo ^ (azelaic 4 can stay secret history of sad to〗 4 ranked online access to the 4 and before 4 under or 4 azelaic 4 can be used before the automation process is complete secure transactions are encrypted, and then input to include financial institutions and individual certification transaction network server. in another exemplary application, the output card for gaining access to the secure area of ​​the physical channel. in either application, successful and unsuccessful access attempts can be recorded already i ^^ f stay present on the card on the external security service or a good month, or is stored on both.


图1示出了具有卡上生物验证示卡人的身份的智能卡的一个实施例; FIG 1 illustrates an embodiment of the biometric authentication card having the identity card is shown a smart card;

图2是用于帮助用户实现手指在指紋传感器上的最佳放置的示范性程序的流程图; FIG 2 is a flowchart of an exemplary program to help a user's finger placed on the optimal fingerprint sensor implemented;

图3是能够同时本地和远程—睑证出示安全身份识别卡的人的身份的生物验证系统的功能方框图; Figure 3 is capable of simultaneous local and remote - a functional block diagram of the eyelid identity card to show security identification cards of people's biometric authentication system;

图4是县有在和始孰入符卞人玍物f"后辨J间w杜祖、u 远程请求身份期间使用不同物理数据路径的典型的生物验证卡的功能方框图;图5示出了图4的典型生物验证卡的可选实施例,其打算采用无《务改的ISO智能卡CPU的方式; FIG 4 is a functional block diagram of a typical County biometric authentication card different physical data paths used during the beginning and what the operator was Bian al Ga f "between the identified Cho J w, u remote request identity; FIG. 5 shows a FIG 4 a typical biological authentication alternative embodiment card, which intends to introduce no "ISO smart card CPU changed the way traffic;

图6是表示典型应用和典型验证卡之间的通信的流程图,其中只执行对持卡人身份的本地验证; FIG 6 is a flowchart of a typical communication between the application and typical verification card in which only local verification of the cardholder performing identity;

图7是类似于图6的流程图,但是改为采用图5的典型生物验i正卡的方式; 7 is a flowchart similar to FIG. 6, but instead of the typical biological test i n FIG 5 card mode;

图8示出了具有可无线或者借助于电接插件连接到本地终端的卡上生物—验-〖正的智能卡的第二实施例; Figure 8 shows a means of electrically or wirelessly connected to the local terminal connector on the card bio - the second embodiment of the smart card 〖n - test;

图9是图8的卡的横截面图; Figure 9 is a cross-sectional view of the card 8;

图IO是典型指紋传感器的电路图;以及 FIG IO is a circuit diagram of a typical fingerprint sensor; and

图ll示出了用于图10的传感器的载体组件的一个实施例。 FIG. Ll illustrates one embodiment of a carrier assembly of the sensor 10 of FIG.

具体实施方式 Detailed ways

智能卡 smart card

此处4吏用的术语"智能卡(smart card )"或者"智慧卡(intelligent card)" —^:意义上是指任何物理对象,其足够小到可以握在手中, 戴在脖子上,或者以其它方式随身携带,其包括微处理器,能够存储、处理和传递涉及或者其它关系到持卡者个人的数字编码信息。 4 officials term here "smart card (smart card)" or "smart cards (intelligent card)" - ^: the sense refers to any physical object, it is small enough to be held in the hand, worn around the neck, or to otherwise carry, which includes a microprocessor, capable of storing, processing and transmission or other relationship relates to the cardholder personal digital encoded information. 这种智能卡的一个众所周知的实例是ISO (International Standards Organization国际标准组织)智能卡,其具有与传统的信用卡相同的物理尺寸和外形,一f旦是其包括:闪存,用于存储用户特定凄t据; 以及^L处理器,能以强大的加密算法进行编程,指示从用户终端收到的PIN (Personal Identification Number个人身4分号码)是否与卡上存储的加密PIN相匹配,从而与仅依靠对签名和/或身体相貌进行视觉比较的验证系统相比,对出示卡的人是真正的持卡人给出了更高的可信度。 A well-known example of such a smart card is the ISO (International Standards Organization ISO) smart cards, which has a conventional credit card the same physical size and shape, a f ut comprising: a flash memory for storing user-specific sad t data ; ^ L and the processor can be programmed to strong encryption algorithms, the terminal receives an indication from the user PIN (personal Identification number the personal identity number 4 points) matches an encrypted PIN stored on the card, and thus only rely on signature and / or physical appearance visual comparison of the verification system, compared to a real person to produce the card gives the cardholder a higher credibility.

接下来参照图1,其示出了具有卡上生物-验_〖正的智能卡的一个 Referring next to FIG. 1, which shows a biological card - a smart card test positive _ 〖

实施例。 Example. 卡IOO通常由塑料材料制成,并且具有传统的信用卡的整体夕卜观,其大致尺寸符合IS07816中规定的约53.98 x 85.6mm且厚度约0.76mm或者更厚。 IOO card usually made of plastic material, and integrally has a conventional credit card concept Bu Xi, which substantially conform to dimensions specified in IS07816 about 53.98 x 85.6mm and a thickness of about 0.76mm or thicker.

类似于传统的信用卡,卡100包括空白的上部区域102,其沿着卡的整个横向宽度延伸,用于承载位于卡的背面上的磁条(符合IS07811-2&7811-6的^L定),该》兹条上可以存储关于持卡人和任何相关帐户的传统编码字符信息,从而使卡100可在传统的磁条读取器中使用。 Similar to a conventional credit card, card 100 includes an upper blank region 102 which extends along the entire transverse width of the card, a magnetic stripe of the card (in accordance with IS07811-2 & 7811-6 given in ^ L) on the backside of the carrier, the "traditional encoded characters can be stored information about the cardholder and any related accounts on hereby strip, so that the card 100 can be used in a conventional magnetic stripe reader. 然而,因为载入磁条中的任何数据都易于修改,所以这样的磁条仅仅适用于对老式磁条式终端的向后兼容的需要超过磁条带给系统安全性的潜在下降的特定应用中。 Specific applications, however, because the load any data in the magnetic stripe are easy to modify, so this only applies to magnetic stripe backwards compatible magnetic stripe to take more than old-fashioned magnetic stripe terminal to bring a potential decline in the security of the system .

上部区域102还用于支持各种防伪措施,例如持卡人的防篡改的彩色照片和/或发卡人的全息标识。 Further the upper region 102 for supporting various security measures, such as the cardholder's tamper resistant color photos and / or a holographic logo of the card issuer. 卡100的下部区域104可以偵l 用传统样式的浮雕信息(符合ISO 7811-1规定),例如持卡人姓名、 it字帐(或者卡)号、以及有效日期,以4吏卡100可在传统的卡刻印器中4吏用。 Card 100 may lower area 104 l reconnaissance conventional relief style information (in accordance with the provisions of the ISO 7811-1), No. e.g. cardholder name, word IT account (or card), and the effective date of the card 100 to 4 officials may conventional card imprint vessel 4 with officials.

上部区域102和下部区域104 ^皮中部区域106分隔,其中嵌入一组8个可见的ISO智能卡触点108,其在卡和读卡器上相应触点之间冲是供方便的电连接。 The upper region 102 and lower region 104 middle area 106 separated transdermal ^, is embedded a set of 8 visible ISO smart card contact 108, in which the punch card and reader is available for convenient electrical connection between the respective contacts. 通过该方法,不仅数据,而且电源、时钟以及控制信号都可在读卡器和卡之间进行交换,如ISO 7816-3中所规定的。 And power, clock and control signals can be exchanged between the reader and the card by this method, not only the data, as specified in the ISO 7816-3. 在区域106的右侧可以看见传感器区i或110,其用于乂人持卡人的手指获取指紋数据。 In the right side region of the visible sensor region 106 i or 110, for qe human fingerprint data acquired cardholder's finger. 优选地,向卡提供与传感器110或者嵌入卡中其它电子元^f牛p舉一只十应的ID石马;例如,传-统的IP和/或MAC i也址格式的编码。 Preferably, the sensor 110 to the card or a corresponding ID ten Shima other electronic element embedded in the card p ^ f bovine lift; e.g., mass - conventional IP and / or MAC i also address encoding format.

图1还示意性地示出了数个附加的电子元件,其与触点108和传感器110配合,与其他可能相比,提供了更强大的功能,特别是更好的安全性。 Figure 1 also schematically illustrates a number of additional electronic components, with the sensor 110 and the mating contacts 108, as compared with other possible to provide a more powerful, in particular better security.

在一个实施例中,ISO智能卡兼容处理器112直接连接到ISO 触点108,以提供与外部ISO兼容读卡器(未示出)的电连接,从而不仅向卡上电子器件提供电源,而且提供用于在卡与任何运行在读卡器或者任何与读卡器联网的相关计算设备上的外部通信软件、 安全软件、交易软件、和/或其它的应用软件之间传输数椐的方法。 In one embodiment, the smart card ISO-compatible processor 112 is directly connected to the ISO contacts 108, to provide an external ISO compatible card reader (not shown) is electrically connected, so that not only provides power to the electronics on the card, but also provides in the method for transmitting the number noted between the card and any external communication software running on the card reader or any associated computing devices networked with the card reader, security software, trading software, and / or other applications.

尽管在所述实施例中,在卡100和外部读卡器之间的数据通道是使用ISO规定的智能卡连通方案的有线连接的形式,但应当明白, 在其它的实施例中,其它的传输技术也可以被使用,例如USB或RS 232C或SPI (串4亍)连接,可通过无线RF ( Radio Frequency射频)、微波和/或IR (InfraRed红外线)通信链路。 Although in the embodiment, the data path between the card 100 and the external card reader is in the form of a wired connection using a smart card of ISO predetermined communication scheme, it should be understood that, in other embodiments, other transmission technologies It may also be used, such as USB or RS 232C or SPI (serial right foot 4) is connected, via a wireless RF (radio Frequency RF), microwave and / or IR (infraRed IR) communication link.

同样,尽管所述实施例从读卡器获取电源,但其它的实施例可以具有卡上电源,例如太阳能电池或者电池。 Similarly, although the embodiment acquires power from the card reader, other embodiments may have the power on the card, such as a solar cell or a battery. 该卡上电源可能具有优势,例如,如果在卡100和特定类型读卡器之间的机械接口是这样的,以使指紋传感器110在触点108连接到读卡器中相应连接的情况下不能被用户访问,从而必须在卡100不与读卡器直接有线连4妾的情况下捕获用户指紋凄史据。 The case where the power supply card may have advantages, e.g., if the mechanical interface between the card 100 and a particular type of card reader is such that the fingerprint sensor 110 so that the contact 108 is connected to a respective reader is not connected accessed by the user, so the user must capture fingerprint sad history, according to the card and the card reader 100 is not directly connected to the case of 4 cable concubine. 安全处理器如图所示,安全处理器114连4妄在ISO处理器112和传感器110 之间,用于提供对所捕获的数据的安全处理和存储,并且提供"防火墙",以保护存储在它的专用存储器中的数据和程序免遭任何通过ISO处理器112进行的异常访问企图,如下文所述。 As shown in FIG secure processor, the secure processor 114 to jump to 4 connected between the ISO processor 112 and sensor 110 for providing secure processing and storage of the captured data, and to provide a "firewall" to protect stored data and programs its dedicated memory from access by any abnormality ISO processor 112 attempts, as described below. 该防火墙可设计为仅通行使用了加密密钥的加密数据,该加密密钥基于唯一分配的网络;也i止或者其它与该4争定卡p舉一^t应的东西,例力口从先前存储的指紋图案提取的数据,或者唯一分配的设备号例如CPU号, 或者指紋传感器号。 The firewall may be designed using the data encryption key for encrypting traffic only, the encryption key based on a uniquely assigned network; i also stop or other card given to the fight 4 p ^ t should give a thing, for example, a force from the port previously stored fingerprint pattern extracted data, or a device number such as CPU number or a fingerprint sensor number uniquely assigned. 在另一个实施例中,防火墙^f又仅通行包括源自先前的传输或者数据的唯一可识别lt据的数据。 In another embodiment, only the traffic the firewall ^ f and comprising a uniquely identifiable from a previous data transmission or data lt data. 在其他实施例中, 防火墙对不同的应用保存不同的密钥,并且用这些密钥将数据发送到各自不同的处理器或者存卡者器部分。 In other embodiments, different applications saved firewall different keys and these keys to transmit data to respective different processor or memory card maker section. 在另一个实施例中(未示出),安全处理器114直接连接到ISO 触点108,并且充当ISO处理器112与ISO触点108之间的安全门禁。 Embodiment (not shown), the Security processor 114 is directly connected to the ISO contacts 108 in another embodiment, and act as a security access between the ISO processor 112 and the ISO contacts 108. 该可选方案具有如下优点,提供由安全处理器114和传感器110 提供的附加的安全性,而不会有任何危及任何可能已集成到ISO处理器112中的安全特性的可能。 This alternative has the advantage of providing additional security provided by the security processor 114 and sensor 110, without any possible compromise of any security features may be integrated into the processor 112 ISO. 安全处理器114优选包括非易失半导体存储器或者非半导体存储器,例如FRAM、 OTP、 E2PROM、 MRAM、 MROM,用于存储先前注册的指紋图案和/或其它的人体生物信息。 Security processor 114 preferably includes a nonvolatile semiconductor memory or a non-semiconductor memory such as FRAM, OTP, E2PROM, MRAM, MROM, for storing a previously enrolled fingerprint pattern and / or other human biological information. 在其他实施例中, 安全处理器114的一部分或者全部功能可在ISO处理器112中执行, 和/或ISO处理器112的一些或者全部功能可在安全处理器114中执行。 , A portion or all of the functions of security processor 114 may be performed in ISO processor 112 in other embodiments, and / or the ISO processor 112 may perform some or all of the functions in the security processor 114. 这样的组合执行仍能维持各功能之间的软件防火墙,如果设备以不允许对存储的软件程序作任何后续修改的方式来执行,那么这将是特别有利的。 This combination can be maintained to perform a software firewall between the various functions, if the device is not allowed to store software programs to make any subsequent modification of the way to perform, then it will be particularly advantageous. 可选地,处理器112、 114都可以是单个多处理器设备中单独的处理器,该设备设计为保护每个处理器免遭来自运行在不同处理器内的另一个程序的任何干4尤。 Alternatively, processor 112, 114 may be a single separate processor in a multiprocessor apparatus, the device is designed to protect against each processor from another program running in different processors of any particular dry 4 . 这种多处理器装置的一个实例是日本夏普7>司(Sharp)的DDMP (Data Driven Multiple Processor,凄t据驱动式多处理器)。 One example of such a multi-processor device is Sharp 7> Division (Sharp) of DDMP (Data Driven Multiple Processor, sad t multiprocessor data driver). 尽管这些各种传感器、触点、和其它电子元件,以及用于互连的印刷电路或者其它电线路,均优选被完全装入卡100的卡体,从而4呆护它们免遭磨损和外部污染,而且还在上部区域102和下部区域104之间的中间区域106之内的优选位置进一步保护它们免遭来自与其它区域有才几械连接的传统的磁条读卡器、压印机、以及刻印装置的可能的损害。 Although these various sensors, contacts, and other electronic components, and means for interconnecting a printed circuit or other electrical circuit, it is preferably fully loaded card card body 100, thereby protecting them from abrasion stay 4 and external contamination , and the preferred location within the middle region 106 between upper region 102 and also the lower region 104 further protects them from the conventional magnetic stripe readers, embossing machine from several other regions of talented mechanical connection, and possible damage inscription means. LED反馈LED 116a、116b由安全处理器114控制,向用户提供可视反馈。 LED feedback LED 116a, 116b, 114 provide the user visual feedback controlled by the security processor. 在所示实施例中,它们位于下部区域104中,优选地位于卡的侧边远离触点108的位置。 In the illustrated embodiment, they are located in the lower region 104, is preferably located away from the side of the card contact locations 108. 无"i:仑如何,LED116a、 116b优选地位于在任何压印程序期间它们不会被损害的位置,以及位于当卡插入传统的ISO智能卡读取器时和/或当用户手指放到指紋传感器110上方时它们可以净皮看见的4立置。例如:在-验i正一莫式下:•红灯闪烁:等待手指•停止闪烁:手指已放在传感器上• 红灯闪烁一次:不匹配,可以移动手指• ^:灯长闪烁一次:已匹配,可以移开手指注册模式下:•绿灯闪烁:等待手指•停止闪烁:手指已放在传感器上• 红灯闪烁一次:不能注册,可以移动手指• 绿灯闪烁一次:已注册,可以移开手指擦除模式下:•绿灯和红灯闪烁:准备擦除• 绿灯闪烁一次:已〗察除优选地,在发送任何否定才艮告之前,用户碎皮给予多次机会去方文置其手指以得到成功的匹配或者注册。在一个实施例中,只有当用户在收到绿灯准许指示之前移开 No "i: How Lun, LED116a, 116b is preferably located at any position during the embossing procedure are not compromised, and is located when the card is inserted into a conventional ISO smart card reader, and / or when the user's finger on the fingerprint sensor when the skin over the net 110 which may be seen upright 4 example: - test i n the formula Mo a:. • red flashing: • wait finger stop blinking: finger placed on sensor has a • red flashing: mismatched You can move your finger • ^: long light flashes once: matched, can be removed under the finger registration mode: • flashing green: waiting • stops flashing finger: finger has been placed on the sensor • red flashes once: not registered, you can move • flashing green fingers once: registered, you can remove your finger erase mode: • green and red flashing: • flashing green ready to erase once: the police have〗 addition preferably, before sending any negative report before Burgundy, user broken skin given several opportunities to Fang Wen placed his finger to get a successful match or register. in one embodiment, before the user only when the green light is received grant indication away 手指时,或者当预定时限超出时,否定报告才被发送到认证服务器。该程序不仅训练用户实现其手指在传感器上方进行最佳放置,其不仅降低了计算复杂性,而且使得可使用更大的辨别阈值。该可视反馈还提供了用于在无经验用户(其通常不断尝试直到实现正确的;^文置)和^l诈用户(其通常不希望引起任何注意,并且将会在其恶意被发觉之前离开)之间进行辨别的心理学基础。最终结果是显著减少了错误否定和/或错误肯定的可能性。图2示出了帮助用户将其手指放置到传感器110上的典型程序。在方框150中,RED LED 116b正在闪烁。 一旦手指神皮探测到(方框152 ),该LED就停止闪烁并进行图像质量(对应于手指皮肤的凸部和凹部的细长的限定区域)的检测(方框154)。如果质量不合格(NO分支156),那么REDLED 116b的单次闪烁指示用户移动其手指到不同的位置 When a finger, or when a predetermined time limit is exceeded, a negative report was only sent to the authentication server. The user training program only achieve their optimal placement finger over the sensor, which not only reduces computational complexity but also enables the use of larger the discrimination threshold also provides visual feedback for inexperienced users (which typically keep trying until a correct; ^ set text). ^ l fraud and users (which is often undesirable cause any attention and will at its malicious be found between before leaving) Psychological foundation recognizable. the end result is a significant reduction of false negatives and / or likelihood of a false positive. FIG. 2 shows a help users to place their fingers on the sensor 110 is typically a program. in block 150, RED LED 116b is blinking. Once the finger skin God detected (block 152), the LED stops blinking and image quality (defined elongated regions corresponding to the skin of a finger convex portion and the concave portion) detection (block 154). If the quality standard (NO branch 156), then a single REDLED 116b flashes to indicate a user moves his finger to a different position 方框158);否则(YES分支160)执行第二才全测(方才匡162),以确定是否相同手指》丈在净皮用来注册用户的相同位置,从而相对简单的匹配算法就可在预定阈值范围内验证现场凄t据与存储^:据的符合,乂人而-验i正现场手指与最初注册的手指相同(YES分支164 ),以及GREEN LED 116a ^皮激活(方框166 )持续足够长时间(方框168)以证实已经产生成功的匹配以及用户现在可以移开其手指。可选地,如果匹配阈不满足(NO分支170), 那么红色LED 116b的单次闪烁(方框158)指示用户移动其手指到不同的位置,且该程序重复进行。典型网络结构接下来参照图3,其示出了既可本地也可远程验证出示安全身份识别卡的人的身份的生物验证系统的一个可能的实施例。 Block 158); otherwise (YES branch 160) a second before performing a full test (Marina just 162), to determine whether the same finger "feet to the skin in the same location registration net users, so that the matching algorithm can be relatively simple in within a predetermined threshold range validation field sad t data stored ^: data meet, qe person - test i n live finger originally registered finger same (YES branch 164) and the GREEN LED 116a ^ transdermal activation (block 166) continued long enough (block 168) to produce a successful match has been confirmed, and the user can now remove his finger. Alternatively, if the matching threshold is not met (NO branch 170), then a single red LED flashes 116b of the (party block 158) indicating that the user moves his finger to a different position, and the procedure is repeated. Next, a typical network configuration with reference to FIG. 3, which shows either locally or remotely to produce security identification card to verify the identity of a biological a verification system of the possible embodiments. 其包括三个主要部分:客户终端200,应用服务器202以及认证服务器204。 Which comprises three main parts: a client terminal 200, application server 202 and authentication server 204. 客户终端200包4舌以下功能:现场捕获和本地处理用户的指紋、力口密本地处理数据、以及与应用服务器及认证服务器进行安全通信, 该安全通信优选通过使用IP/TCP寻址方案和传输协议的互联网进行,并通过传统的IP防火墙206提供保护以免遭恶意访问。 The client terminal 200 packages the tongue 4 functions: local site capture and process the user's fingerprint, the force densely populated local processing data, and secure communication with the application server and the authentication server, preferably by using the secure communication IP / TCP addressing scheme and transmission Internet protocol progresses, and provide protection from malicious access through traditional IP firewall 206. 在其他实施例中,防火墙206可以拥有过滤器以及加密编码器/解码器,用于当发送数据被验证为授权数据后将其编码并用于当确定接收数据是否为授权数椐前将其解码,其例如使用像DES 128这样的加密算法。 In other embodiments, the filter can have a firewall 206 and an encryption encoder / decoder, it will be used when transmission data is verified as an authorized data which is encoded and when it is determined whether the received data is a license number noted before it is decoded, for example, using DES 128 such as encryption algorithm. 用该方法,防火墙206不4又可才艮据才艮文头,而且可根据才艮文内容来将数据分类为授权数据或者潜在恶意数据。 With this method, the firewall 206 does not turn before 4 Burgundy Burgundy data only the packet header and the data may be classified as potentially malicious data or authorization data according to the message contents before Gen. 客户终端200可以专用网络设备的方式来实现,或者可以应用于安装在可编程的台式电脑、笔记本电脑或者其它工作站或个人电脑上的寿id牛当中,这些电脑由通用操作系统例如Windows XXX、 OSX、 Solaris XX、 Linux或Free BSD所控制。 The client terminal apparatus 200 may be dedicated network ways, or may be applied to a programmable desktop mounted, Shou id cattle on a laptop or other personal computer or workstation among these computers by a general purpose operating systems such as Windows XXX, OSX , Solaris XX, Linux or Free BSD controlled. 优选地,客户终端200包括保持更新的"禁用"数据库(例如丢失的或者失窃的卡的身^f分,或者对特定的卡或者一组卡的限制),以」提供附加的安全措施。 Preferably, the client terminal 200 includes a retaining updated "Disable" database (e.g. body lost or stolen cards ^ f min, or restrictions on a particular card or group of cards) to 'provide additional security measures. 应用服务器202包括如下功能,进行事务处理,或者在用户的身份已经被认证服务器204证实之后,响应来自在客户终端200的远程用户的指令。 The application server 202 comprises a function, transaction processing, or after the user's identity has been confirmed by the authentication server 204, in response to an instruction from the client terminal 200 to the remote user. 认证服务器204包括以下功能,与客户终端200及应用服务器202进行安全通信,存储真实指紋数据和其它关于前注册用户的信息,将存储数据与从客户终端200收到的加密的现场数据进行比较,以及通知应用服务器202指定的现场指紋数据是否匹配存储的指紋数据。 The authentication server 204 includes the following features, application server and the client 200 and 202 terminals for secure communication, storage, real fingerprint data and other information about the pre-registered users will be stored with the encrypted data received from the client terminal 200 field data to compare, and whether to notify the application server 202 designated off-site storage of fingerprint data matches the fingerprint data. 更特别地,客户终端200还包括两个主要部件:固定读卡器208 部件,其包括互联网浏览器终端210和读卡器接口108a(其可以是简单的USB线缆,端接在一组电触点上,用于形成与ISO智能卡触点108的对应电连4妄);以及^f更携式智能卡部件100,。 More specifically, the client terminal 200 further comprises two main components: a fixed card reader 208 component including an internet browser terminal 210 and a card reader interface 108a (which may be a simple USB cable terminating in a set of electrical ^ f more portable and smart card member 100 ,.; on contact with a corresponding electrical ISO smart card contact 108 for forming an even jump 4) 在一个实施例中,便携式部件IOO,可以是前面所述的智能卡100,包括指纟丈传感器110、安全处理器114和ISO智能卡处理器112。 In one embodiment, the IOO portable member, may be the previously described smart card 100 including a finger sensor 110 feet Si, the security processor 114 and the ISO smartcard processor 112. 应用服务器202还包括互联网服务器接口,其包括防火墙206 和互联网浏览器214,以及交易应用才莫块216和确认模块218。 Application Server 202 further comprises an internet server interface including the firewall 206 and internet browser 214, and the transaction application block 216 and only Mo confirmation module 218. 在应用服务器和应用才莫块216是未祐?没计成通过IP/TCP协议进行对外通信的传统设备的情况下,防火墙206可用适当的安装了确认才莫块218并且具有固定IP地址的协议转换程序来代替。 Protocol in the case of the application server and the application only Mo block 216 is not Yu? Did not count as a conventional device for external communication through the IP / TCP protocol, the firewall 206 can be used properly installed confirmed only Mo block 218 and has a fixed IP address conversion program instead. 例如,应用月良务器可以由愿意通过互联网向授4又用户提供服务的第三方来进4亍操作。 For example, application-month good service can be provided by the Internet willing to grant third-party service user 4 and 4 into the right foot to operate. 认证服务器204还包括:互联网服务器接口220;处理模块222, 包括指紋匹配算法224;以及数据库226,用于存储指紋和其它当这些个人被系统注册以及其身份保证满足系统操作员的要求时从这些个人处收集的真实信息。 The authentication server 204 further includes: an Internet server interface 220; and a processing module 222 including a fingerprint matching algorithm 224; 226 and a database for storing fingerprint and other individuals from these when they are registered with the system and ensure its identity to meet the requirements of the system operator real personal information collected at. 为了进一步加强安全性,优选地,用于任何特定个人的存储数据不以单一的信息列来存储在应用服务器上,而是将各项分开存储,并且任何连接这些项目所要求的索引或者关联都只有通过相应的密钥才可以得到,该密钥保存为认证月良务器中个人私人凄t据的一部分。 To further enhance security, Preferably, for any index, or connection associated with those items required for any particular individual data is not stored in a single column for storing the information on the application server, instead of stored separately, and both only be obtained by the appropriate key, save the private key as part of the personal data certification sad t month good service vessel. 定位在某些实施例中,固定读卡器208和/或<更携式卡IOO"还可以装备集成的全球定位卫星(Global Positioning Satellite, "GPS")接收器212,其可提供关于读卡器和卡在或约在特定交易发生时的当前位置的有用信息。特别地,来自GPS接收器212的位置数据可用于在读卡器或卡^皮移出至其使用未获授权的区域的情况下使读卡器和/或卡失效"1c久或临时)。 Location In certain embodiments, the fixed reader 208 and / or <more portable card IOO "may also be equipped with an integrated global positioning satellites (Global Positioning Satellite," GPS ") receiver 212, which may be provided on the reader Useful information and card at or about the time a particular transaction of the current position. in particular, the location data from the GPS receiver 212 may be used in a card reader or transdermal ^ to its out using unauthorized area the reader and / or card failure "1c a long time or temporary). 除了通过GPS,还可以通过其4也方法来自动确定位置,例如采用PHS (日本蜂窝式电话)呼叫者定位技术,或者采用对地球电磁场中的局部变化敏感的定位传感器。 In addition, the position can also be automatically determined by the method by which 4 also GPS, for example using PHS (Japanese Cellular Telephone) caller location technology, or the use of local variations in the Earth's electromagnetic field sensitive sensor is positioned. 在装备GPS卡的特别例子中,各种GPS元件包括天线;数字放大、 AD转换器以及采样和保持电路;以及计算位置的数字信息处理器, 优选地,这些元件都是单块集成电路的部件或者都是安装在单块电路板上的分立器件,其被集成、嵌入或者层压到卡体中。 In a particular example of GPS-equipped card, the various GPS components including an antenna; digital amplifier, the AD converter and sample and hold circuit; and calculating the position of a digital information processor, preferably, the member is a monolithic these elements or discrete devices are mounted on a single circuit board, which is integrated, embedded or laminated into the card body. 具有卡上匹配的ISO卡的卡结构ISO处理器接口图4是典型ISO智能卡兼容生物验证卡100或100,的功能方框图,其有不同的物理凄t据路径,用于初始载入持卡人生物凄t据期间和as正持卡人对远禾呈应用的身份期间。 ISO card processor interface having a structure of FIG ISO card matching the card 4 is a functional block compatible with typical ISO smart card biometric authentication card 100 or 100, which have different physical data paths sad t, the initial loading of cardholders It was sad t during the period and the identity of the cardholder as being far Wo was applied. 特别:l也,除了前面描述的ISO处理器112、安全处理器114、 指紋传感器110、 LED116a、 116b和可选的GPS 4妄收器212,其中只有ISO处理器112通过ISO智能卡触点108直4妄连4妄到读卡器208的方式之外,还示出了独立的加载模块300和相关的临时连接302,其在初始的用户注册期间提供与安全处理器114的直接通信。 In particular: l is also, in addition to the previously described ISO Processor 112, Security Processor 114, Fingerprint Sensor 110, LED116a, 116b and optional GPS 4 jump to receiver 212, which only linear processor 112 via ISO ISO smart card contact 108 4 jump jump to embodiment 4 is connected to the card reader 208, but also shows a separate loading module 300 and associated temporary connection 302, which provides direct communication with security processor 114 during initial user registration. 可以注意到,当临时加载连接302连接到特定的I/O端口308时, ISO处理器112通过1/0端口304、306与安全处理器114进行通信。 It can be noted, when the temporary connection 302 is connected to the loading of a specific I / O port 308, ISO processor 112 communicates via 1/0 ports 304, 306, 114 and secure processor. 优选地,安全处理器编程为,使得任何每丈感保密相关数据或者软件^又可/人端口308得到而不能从端口304和306得到,乂人而避免了在连接302被禁止后任何恶意访问这些敏感数据的可能性。 Preferably, the security processor is programmed to, each of the sense that any confidential data or software feet turn ^ / person obtained from port 308 and not to give ports 304 and 306, qe person avoids any malicious access is disabled after the connection 302 the possibility of such sensitive data. 大多K市场上可获4寻的ISO处理器具有至少两个I/O端口而且有些具有至少三个。 4 homing available ISO processors have at least two I / O ports and some of the most K market has at least three. 这些端口中仅有一个(I/O 1 )被指定用于连4妾到外部ISO兼容读卡器208的传统的ISO智能卡串行数据连接108。 Only one of these ports (I / O 1) is designated 4 for connection to an external ISO compatible card reader concubine conventional ISO 208 smart card serial data connection 108. 优选地,另外的一个或者两个I/0端口提供了在ISO处理器112和安全处理器114之间的专用硬布线通信,其作为石更件防火墙,以阻止对安全处理器114重编程序或者获得对任何敏感信息的访问的任何恶意企图,该信息可能是先前被传感器110获取或者可能是被存储在处理器114内。 Preferably, one or two additional I / 0 port provides a dedicated hardwired communication between the ISO processor 112 and safety processor 114, which is used as the graphite member more firewalls, security processor 114 to prevent reprogramming or obtaining access to any sensitive information that any malicious intent, the information may be previously acquired by the sensor 110 or may be stored in the processor 114. 在具有多于两条I/0线路的ISO处理器的特定情况中,甚至当安全处理器完全断电时,可能在ISO处理器和安全处理器之间的专用通信路径上的静态信息出现多于两个的状态,例^口1 ) Ready (;t尤症者),2 ) Busy (t亡),3 ) Fail (失败),和4 ) Pass (通过)。 In the particular case of a more than two I / 0 line ISO processor, even when the Security Processor is completely powered down, it may be static information on the dedicated communication path between the ISO Processor and the Security Processor there is more in the two states, ^ port Example 1) Ready (; t esp's disease), 2) Busy (t death), 3) fail (failure), and 4) pass (pass). 当然,即4吏只有一个I/O端口有效,这四种状态也能作为串行凄史据#1动态发送。 Of course, only one official i.e. 4 I / O ports effectively, four states can also be used as dynamic # 1 transmits the serial data desolate history. 可以通过ISO接口I/O 2和I/O 3在ISO CPU与安全CPU之间传输的可能的命令和数据如下:• 注册或者一险i正用户命令,安全CPU将对其发送注册结果或者-验证结果,用于本地存储和/或发送至远程应用。 By possible commands and data 2 and the I / O transfer. 3 of the ISO interface I / O between the ISO CPU and the Security CPU are: • Register or i n a risk to a user command, the safety CPU transmits the registration result thereof or - verification result for local storage and / or transmission to a remote application. • 指紋信息,作为模板(参考)可从安全CPU发送到ISO CPU, 用于存储到ISO智能卡存储器中以发送至远程应用。 • fingerprint information can be sent as a template (reference) from the safety CPU to ISO CPU, a memory to store the ISO smart card to send to a remote application. 为了加强4文感私人信息的安全性,参考数据可在其发送到ISO CPU之前由安全CPU进行加密。 In order to strengthen the sense of security of private information article 4, reference data can be encrypted by the security CPU before it is sent to the ISO CPU. 加载连接302提供与安全CPU 114的直接连接,当可在ISO CPU 112和ISO读卡器208之间维持通信时,其绕开ISO连接和相关的专用I/O端口304和306所提供的任4可防火墙保护,乂人而电源对于安全CPU 114也是可用的。 Loading connection 302 provides a direct connection to security CPU 114, may be maintained when the communication between ISO CPU 112 and ISO reader 208 that bypasses any ISO connector and associated dedicated I / O ports 304 and 306 provided 4 can be protected by a firewall, and the power qe human safety CPU 114 is also available. 主要是用于该卡对特定用户的初始注册,并一夸可防止未授;Ki方问。 The card is mainly used for initial registration of a particular user, and a boast to prevent unauthorized; Ki Fang asked. 图5示出了图4所示的典型生物-验i正卡的可选实施例,其打算4吏用未修改ISO智能卡CPU ( unmodified ISO SmartCard CPU )。 FIG. 5 shows a typical biological shown in FIG. 4 - i n an alternative embodiment of test card, which is intended to 4 official smart card with an unmodified ISO CPU (unmodified ISO SmartCard CPU). 特别地,ISO CPU 112,无论在正常使用期间或者在装载期间都不必再在读卡器208和安全CPU 114,之间执行任何网关功能,因而其可以是任何ISO许可芯片,其不以任何方式作改变,并且以对读卡器208 和对4壬4可外部应用都绝对透明的方式来^f吏用。 During particular, ISO CPU 112, whether during normal use or are no longer loaded in the card reader 208 and security CPU 114, perform any gateway functions between, so it can be any ISO license chip, which is not in any way for changes, and in order for the card reader 208 and for external application may be 4-nonyl 4 absolutely transparent manner with ^ f officials. 在该可选实施例中, 如果获取的指紋和存储的指紋相匹配,那么安全CPU 114,就用作ISO CPU 112,和4壬4可外部应用之间的透明防火墙,并且如果获取到的指紋和存储的指紋不匹配,那么其将阻止所有这些通信。 In this alternative embodiment, if the acquired fingerprint and the stored fingerprint match, the security CPU 114, it is used as ISO CPU 112, and may be transparent firewall 4 azelaic 4 between the external application, and if the acquired fingerprint and the stored fingerprints do not match, then it will stop all of these communications. 卡初始化和存储数据的保护剪断在一个实施例中,最初制造的卡具有突出的印刷电路延伸物, 其提供与安全CPU,以及与至少ISO接口的部分和/或任何分立的卡上存储器的直接连接。 Protection card initialization and storing data cut in one embodiment, the card initially manufactured with protruding printed circuit extension was a direct part and / or on any separate card memory which provides a safety CPU, and at least ISO interface connection. 直接连接接口仅仅用于检测卡和指紋注册数据,并且包括使注册程序生效的信号。 Detecting a direct connection interface is used only card and fingerprint data registered, and the registration process includes a signal in effect. 注册完成后,将电路延伸物机械地断开,从而不再可能进行注册,并且安全CPU存储器只有通过ISO CPU和前面描述的ISO CPU与安全CPU之间的防火墙才可进4亍i方问。 Firewall between the ISO CPU and the Security CPU After registration, the extending circuit was disconnected mechanically, so that registration is no longer possible, and the Security CPU memory is only through the ISO CPU and described before in front of the right foot into 4 square Q i. 保险丝在另一个实施例中,安全CPU有一种存储器, 一旦将注册指紋图案写入,其就将不可访问。 In another embodiment, the fuse, there is a safety CPU memory, once the registration fingerprint pattern is written, it will be inaccessible. 该存储器的一个实例是一次性PROM ( "OTP"),其在结构上和EEPROM相似,4旦是对UV不透明,因而不可^察除。 An example of such a memory is one time PROM ( "OTP"), Qi and EEPROM Xiangsi in structure 4 deniers is opaque to UV, and thus can not be observed except ^. 另一个实例是Flash ROM,其在注册完成之后变成只读,例如对Enable或Address或Data信号路径通过施加足够的电流,以在该yf言号通道中形成物理断路("呆险丝,,)。典型认iiE^序在一个实施例中,典型i人证程序包括获取物理指紋数据,例如, 在由访问人^f吏用的连接到应用服务器的客户终端上使用光学或压力或传导或电容或声学或弹性或摄影技术,然后将该数据发送(优选地,以加密格式)到独立的指紋认证服务器。指紋认证服务器使用认证软件将获耳又的指紋数据与指紋文件进行比丰交,该文件包括用户的指紋注册凄t据,并且如果数据是匹配的,那么认证月l务器发送生效指令到应用服务器。在另一个实施例中,用户访问指紋i人证服务器的安全网络浏览器,其包括指紋文件,其中所有指紋连同个人数据一起是预注册的, 例如姓名、地址、和出生日期 Another example is Flash ROM, which become read-only after the completion of registration, for example, Enable or Address or Data signal path by applying sufficient current to form a physical disconnection ( "Dull fuse the channel number yf ,, Introduction ). typical recognition sequence iiE ^ in one embodiment, a typical procedure comprises i witnesses obtain physical fingerprint data, for example, using optical or pressure or conductive connection to the application server in a client terminal by an access of people or with ^ f officials capacitive or acoustical or elastic or photographic technologies, and then sends the data (preferably in encrypted form) to a separate fingerprint authentication server. fingerprint authentication using the authentication server software will receive and ear fingerprint data with the fingerprint file than the cross-Feng, this file contains the user's fingerprint data registration desolate t, and if the data are matched, the authentication service sends l month commencement instruction to the application server. in another embodiment, the secure web browser user access server fingerprint i witnesses , which includes a fingerprint file, which along with all the fingerprints are pre-registered with the personal data such as name, address, and date of birth 然后用户通过安全协i义例如HTTPS 格式访问的安全指紋认证服务器向客户终端发送指令以在客户终端处获取用户的指紋。响应于客户终端浏览器所显示的指令,用户将其选定的手指放到指紋传感器上,然后安装在客户终端里的指紋获取软件获取数字指紋,例如具有25微米(micron )至70微米间3巨分多,率以及12.5平方毫米(mm2)至25平方毫米的面积,并且还具有8位灰度级的象素图像。安全指紋认证服务器接收指紋数据,并连同接收User ID以及互联网IP i也址和/或指紋传感器单独编码(MAC地址)和/或cookie (cookie是网络服务器存放到客户终端里的数据,用于网络服务器识别该客户终端)和/或任何唯一码或其他识别特定的个体或者终端的信息(例如,来自客户终端和安全指紋认证服务器之间先前的会话的细节),通过接收以上信息,其使用认证软件将接收的指紋 The user then, for example, a fingerprint authentication server HTTPS secure format accessible by sending security co-i sense instruction to the client terminal to obtain the fingerprint of the user at the client terminal. In response to instructions displayed by the browser of the client terminal, the user will put his selected finger a fingerprint on the fingerprint sensor, and then installed in the client terminal in the acquisition software acquires a digital fingerprint, for example, a 25 microns (micron) between 70 m 3 giant division multiplexing, rate, and 12.5 mm2 (mm2) to 25 mm square area, and further having a 8-bit grayscale image pixels. fingerprint security authentication server receives fingerprint data, together with the received User ID and IP i also Internet addresses and / or fingerprint sensor individual coding (MAC address) and / or cookie (cookie is the network server to the client terminal stored in the data, (e.g., from the client terminal and the security server between the previous fingerprint authentication for the network server to identify the client terminal), and / or any unique code or other information identifying the particular individual or terminal details of the session), by receiving the above information, using the received fingerprint authentication software 据与指紋文件进行比较,该文件是预注册的指紋数据以及用户ID, 个人信息,例如姓名、地址、出生日期、非法记录、驾驶执照、社会保险号,等等,其可以是细节比较和或是快速傅里叶变换比4交。在认证程序的开始,用于相关应用的网络服务器214从视觉上或者听觉上指示用户将其手指方文到指紋获取传感器IIO上并且敲击其鼠标键或键盘键以从而启动安全处理器114中的指紋获取软件。 4妄着将获耳又的用户指紋凄t据通过ISO处理器112和客户终端200的网络浏览器210以加密格式(例如,使用安全RSA加密传输协议HTTPS )发送到指紋认证服务器204的网络服务器220。 According to the fingerprint data is compared with the fingerprint file, which is pre-registered and user ID, personal information such as name, address, date of birth, illegal records, driver's license, social security number, etc., which can be compared and details or 4 is a cross ratio of fast Fourier transform. in the beginning of the authentication program, a network server for the associated application 214 instructs the user to visually or audibly Fang their fingers to the fingerprint sensor acquires IIO and which mouse button or hitting keyboard to the security processor 114 to initiate the fingerprint acquisition software. 4 and jump to the ear will be given of the user's fingerprint data by sad t ISO processor 112 and client web browser 210 of the terminal 200 in an encrypted format (e.g., using a secure RSA encrypted transmission protocol HTTPS) server 204 transmits to the fingerprint authentication server 220 of the network. 如果获取的数据成功匹配其数据库226中相应的数据,那么指紋认证服务器204接着将对客户终端200和对应用服务器202确认用户的身份。 The corresponding data in its database 226 if the acquired data is successfully match, then the client terminals 200 and 202 will confirm the identity of the user to the application server fingerprint authentication server 204. 以下将参照图3,描述一个采用了三路认证协议和一次性口令作为哈希(Hash)字符编码序列的典型优选实施例:• 客户终端200的网络浏览器210通过请求访问应用程序216 访问相应的应用月l务器202的网络4妄口214。 Typical below with reference to FIG. 3, a three-way authentication protocol using a one-time password and a hash (the Hash) character sequence encoding a preferred embodiment: • the client web browser 210 of the terminal 200 by requesting access to the corresponding application 216 to access application Service network l month 202 214 4 jump port. • 应用服务器202的网络接口214以登入(LOG-IN )屏幕信息和访问应用禾呈序216的相关指令作为响应。 • The application server 202 is a network interface 214 to sign (LOG-IN), and the screen information access application 216 Wo was associated instruction sequence as a response. •客户终端200指示ISO处理器112激活安全处理器114。 • the client terminal 200 instructs ISO Processor 112 to activate Security Processor 114. • ISO处理器112触发安全处理器114。 • ISO Processor 112 triggers Security Processor 114. • 安全处理器114等候来自指紋传感器110的指紋数据并且当收到有效数据时,提取指紋数字图案,该图案通过ISO处理器112发送到网络浏览器210。 • the security processor 114 waiting fingerprint data from the fingerprint sensor 110 and when valid data is received, extracts a digital Fingerprint pattern, which is sent to the web browser 210 via ISO Processor 112. • 网络浏览器210将指紋提取图案的加密版连同(或与之共同力口密)涉及卡100,和读卡器208的相关信息发送到认证月良务器204,例如用户ID、客户终端200的IP地址、和/ 或传感器110的石更布线ID编码(MAC地址)。 • the web browser 210 an encrypted version of the fingerprint pattern extracted together with (or densely populated with a common force) related to the card 100, the card reader 208 and transmits information to the authentication service 204 good months, such as a user ID, customer terminal 200 IP address, ID code and stone more wiring / or sensor 110 (MAC address). • 认证服务器204的网络接口220,由以上步骤接收指紋提取图案连同来自客户终端200的其它信息一起,将这些信息发送到指紋匹配处理器222。 • the authentication server 204 of the network interface 220, receive a fingerprint pattern extracted by the above step with, send this information to the Fingerprint Matching Processor 222, along with other information from the client terminal 200. • 在匹配4欠4牛224的4空制下,指紋匹配处理器222〗吏用收到的用户ID或者其它的用户特定相关信息,乂人#:椐库226斗企索相应的指紋参考图案并且将指紋获取图案与指紋参考图案进行比较。 • Less matching 4 4 4 Bovine pneumatic brake 224, the fingerprint matching processor 222 with the user ID received〗 officials or other user-specific information, # qe man: As noted in the library corresponding cable half bucket 226 reference fingerprint pattern Get the fingerprint pattern and the reference pattern is compared with the fingerprint. • 将结果(匹配或不匹配)连同对终端200、用户ID卡100,和应用请求216进行验证的相关信息一起存储到访问历史日志中,并且将控制返回给认证服务器网络接口220。 • the result (match or mismatch), along with information on the terminal 200, 100, and application 216 requests the user to verify the ID card stores the access history log together, and returns control to the authentication server a network interface 220. • 如果结果为匹配,那么认证服务器网络接口220产生一个形式为询问(challenge)字符序列的一次性密码,其被传输到客户终端200,并且使用询问字符序列作为哈希码,以将相关4言息进4亍加密,其祐J果存为相应的询问响应,用于可能的将来的参考。 • If the results match, then the authentication server network interface 220 generates a query form (Challenge) one-time password character sequence, which is transmitted to the client terminal 200, the character sequence as a query using a hash code, related to the statement 4 encrypted information into the right foot 4, which result is stored as J woo corresponding query response for possible future reference. •客户终端200使用收到的询问字符序列作为哈希码,以将先前存储的相关提交信息的未加密拷贝进行加密,然后将其发送到应用力艮务器202的网络4妄口214,作为其对应用登入程序的响应的一部分。 • the client terminal asks the received character sequence 200 used as a hash code, related to a previously stored unencrypted copy of the submitted information is encrypted, and then sends it to a force that works to apply a Network 4 202 jump port 214, as responsive to application of a part of the login process. • 应用服务器202的网络接口214由以上步骤接收经过哈希转换的相关信息,将其发送到应用服务216,该服务将其与来自客户终端的登录(LOG-ON)企图结合,并且,为了确认匹配结果,将收到的相关信息发送,该信息已被客户终端使用由认证服务器提供的询问序列进行哈希转换以作为询问响应。 • The application server 202 of the network interface 214 receives information from the above step through the converted hash, sending it to the application service 216, the service will attempt to bind to its log (LOG-ON) from the client terminal, and, in order to confirm matching results, transmits the received related information, the client terminal information has been used by the query sequence is provided by hashing the authentication server in response to a query converter. • 认证服务器204的网络接口220,由以上步骤接收来自应用月良务器的询问响应,将该响应发送到i人i正处理器222,该处理器将其与先前保存的预期询问响应的参考拷贝进行比较,以决定用户身份是否事实上已被授权。 • the authentication server 204 of the network interface 220, receives the query response from the application service is good month by the above step, the response to the processor 222 n i i person, the processor with the expected challenge response previously stored reference copies are compared to determine whether the user identity in fact has been authorized. • 由该比较产生的任何授权用户身份信息接着通过认证服务器网络接口220和应用服务器202的确认接口218而返回到应用程序216。 • any authorized user identification information generated by this comparison is then returned to the application 216 to confirm the authentication server interface 218, network interface 220, and application server 202. • 确认接口218通过认证以确认在初始登录企图时建立的用户身^f分已经生效。 • Make sure the interface 218 to confirm the establishment of certification at the time of initial user login attempts body ^ f points already in force. • 一旦用户身份被确认,认证(应用)程序216则通过应用月艮务器202的网络接口214进行与客户终端200的网络浏览器210直接通信。 • Once the user identity is confirmed, authentication (application) program 216 to communicate directly with Web browser client terminal 200 by the application 210 that works to May 202. Network interface 214. 图6示出了可选^人i正程序,其中所有的匹配通过安全CPU 114 在图4的ISO兼容卡上执行,并且没有采用外部认证服务器204。 Figure 6 shows an alternative n-i ^ al procedure, wherein all of the matching performed on the ISO compatible card of FIG. 4 by the Security CPU 114, and 204 without using an external authentication server. 图6的左边示出了由应用服务器202执行的功能,而右边示出了由ISO智能卡100执4亍的功能。 The left side of FIG. 6 illustrates a function performed by the application server 202, while the right side shows the right foot by 4 function 100 performed ISO smart card. 当将智能卡100插入读卡器208时,复位信号RST从读卡器发送到ISO CPU ( START方框502 )和指紋CPU 114 (指紋验证方框504),并且该两部4牛从读卡器208 4秦收电源VCC。 When the smart card 100 into the reader 208, the reset signal RST is sent from the reader to the ISO CPU (START block 502) and Fingerprint CPU 114 (Fingerprint verification block 504), and the two cows from the card reader 4 2084 Qin received power potential VCC. 然后ISO CPU 响应以ATR ( Answer-to-Reset复^f立应答)消息并如有必要则发出PPS (Protocol and parameters Selection十办i义与参凄t选择)(方冲匡506)。 ISO CPU then responds with ATR (Answer-to-Reset multiplexed Li ^ f response) message is issued and, if necessary PPS (Protocol and parameters Selection ten i do justice to a reference selected sad t) (red side Marina 506). 同时,指紋CPU进入等待状态以接收指紋数据,以及当从传感器110收到数据时,就执行认证程序(方框504 )。 At the same time, Fingerprint CPU enters a wait state for receiving Fingerprint data and when data is received from the sensor 110, the authentication program is executed (block 504). 当初始请求命令被应用216发送到ISO CPU 112 (方框508 )时,ISO CPU向安全CPU询问(方才匡510 ) i人i正状态。 When an initial request command is sent to the application 216 ISO CPU 112 (block 508), ISO CPU i i n state to the person asking the security CPU (Marina just 510). 如果响应为肯定,那么ISO CPU通过运^H青求命令以响应应用(方才匡512)。 If the response is positive, ISO CPU then transported by ^ H in response to the application request command cyan (Marina just 512). 否则(来自安全CPU 114的不管是错误信息还是没有响应)其不对请求命令做任何响应,而是等待新的第一请求(方框508b )。 Otherwise (no matter from Security CPU 114 is an error message or no response) it does not make any response request command, but to wait for a new first request (block 508b). 假定指紋被验证并且第一响应被及时收到且其被应用216确定是响应信号(方框514),那么请求/响应程序将将一直持续(方框516、 518、 520)到超出预定-睑证时限,在此期间不从该应用接收请求(方框S22),或者该应用不能接收预期响应(方框524)。 Assumed that fingerprint is verified and the first response was received in time and which is determined in response to signal application 216 (block 514), then the request / response program will continue (block 516, 518, 520) exceeding a predetermined - eyelid permit time, during which the application does not receive the request (block S22) from, or the application can not receive an expected response (block 524). 图7类似于图6的流程图,但是修改为采用了图5的典型生物验证卡。 FIG 7 is similar to the flowchart of FIG. 6, but modified to employ a typical biometric authentication card 5 of FIG. 图7的最左边示出了由应用服务器202执行的功能,下一列对应于读卡器208,再下一列描绘了ISO触点108,又下一列示出了由安全CPU 114执4亍的功能,而最右边则示出了由无变更ISO 智能卡112执行的功能。 The leftmost in FIG. 7 shows the function performed by the application server 202, the next column corresponds to Reader 208, then the next column depicts ISO contacts 108, and the next column shows functions performed by Security CPU 114 executing the right foot 4 , while the rightmost illustrates the functions performed by ISO smart card 112 without change. •当将智能卡插入读卡器时或者应用软件开始运行读卡器设备时,将复位信号550从读卡器208发送到安全CPU 114。 • When the smart card into the reader or the application software starts operation of card reader device when the reset signal 550 sent from the reader 208 to the safety CPU 114. • 安全CPU收到复位信号550之后不久,其发送相应的复位信号552到ISO CPU 112。 • After the safety CPU 550 receives the reset signal shortly, it sends a reset signal 552 corresponding to ISO CPU 112. 同时安全CPU等待来自指紋传感器的指紋数据。 CPU while waiting for the security of fingerprint data from the fingerprint sensor. • 由以上步骤收到复位信号552, ISO CPU产生ATR(Answer-to-Reset)响应554并此后如有必要则发出PPS (Protocol and parameters Selection )。 • reset signal is received by the above step 552, ISO CPU generates ATR (Answer-to-Reset) response 554 and thereafter if necessary issue PPS (Protocol and parameters Selection). • 安全CPU 114 —旦从ISO CPU收到ATR( Answer-to-Reset), 就立即将其,包括任何相关的PPS命令,传输到读卡器(方框556 )。 • Security CPU 114 - denier receives ATR (Answer-to-Reset), which immediately, including any associated PPS commands transmitted to the reader (block 556) the ISO CPU. • 同时,如果安全CPU收到指紋数据,那么其将执行前面描述的认证程序。 • Also, if the Security CPU receives fingerprint data, then it will perform the authentication procedure described above. 在认证检测结果为PASS的情况下,该通过状态将维持一定的时间周期。 In the case where the authentication of the detection result is PASS, the pass status is maintained a certain period of time. 如果结果为FAIL,那么安全CPU 114就等候新的指紋数据。 If the result is FAIL, then the security CPU 114 will wait to hear the new fingerprint data. • 由以上步骤运行该应用,将命令请求558发送到安全CPU, 只有在安全CPU仍然处于前面纟苗述的PASS ^犬态时或最后的正确响应具有多凄t据位组时,该安全CPU才将命令请求560发送到ISO CPU并还将其正确响应562发送到读卡器(才企测方冲匡564)。 • operation of the above steps of the application, a command request 558 is sent to Security CPU, only if the Security CPU is still in the PASS foregoing Si seedlings described ^ in dogs state or the last correct response having a plurality sad t data bit group, the security CPU the only command request 560 to ISO CPU and also transmits the correct response is sent to the card reader 562 (only half the measured red side Marina 564). • 否则(No分支566 )指紋CPU产生伪i青求(dummy request, 虚拟请求)568并将其发送到ISO CPU并还将该结果ERR 响应570发送到读卡器216,从而在请求中的序列号与响应中的序列号之间保持正确同步。 • Otherwise (No branch 566) Fingerprint CPU generates a pseudo i cyan request (dummy request, virtual request) 568 and sends it to the ISO CPU and also transmits the result ERR response 570 to Card Reader 216, such that the sequence in the request maintaining proper synchronization between the sequence number and the response number. 加密和保密在通过任何外部网络进行传输之前,优选地,将任何每t感凄t据和/或认证结果都进行加密,可采用DES、或Two Fish加密。 Encryption and Confidential prior to transmission over any external network, preferably any feeling sad t per t data and / or the authentication result are encrypted, can be DES, or Two Fish encryption. 加密密钥可以基于指紋获取或存储数据、用户ID编码、传感器的唯一分配编码、存々者器地址、存4诸器里邻近的凄t据、其它功能上相关的凄史据、先前的会话(事务处理)、IP地址、终端编码、或者指定的口令。 Encryption key may fetch or store data based on a fingerprint, encoded user ID uniquely assigned code, sensor's memory 々 address, stored in the various devices 4 adjacent desolate t data, other functionally related data desolate history, previous session (transaction), IP address, terminal code, or a password assigned. 可选地,敏感数据可以使用安全HTTPS协议以通过互联网发送。 Alternatively, sensitive data may be sent over the Internet using the secure HTTPS protocol. 为了才是供更强的安全性,可以将虚拟个人网关,例如硬件DES 力口密和解密,插入安全指紋认证服务器与网络连接之间,以及相应的应用月l务器与网络连接之间。 In order to provide stronger security is, the virtual personal gateway, such as hardware DES encryption and decryption force mouth, insert secure fingerprint authentication server and the network connection between the application and the corresponding month l Works with network connectivity between. 通过这样来使用这些虚拟网关或者虚拟专用网络("VPN"),将每文感lt据通过附加的加密层进4亍附加保护,例如DES 128 (通常用于VPN )和RSA (被HTTPS采用)。 By use of these virtual gateway or virtual private network ( "VPN"), each of the text data into sense lt right foot 4 additional protection by an additional layer of encryption, such as DES 128 (typically used for VPN), and the RSA (HTTPS are employed) . 为了特别安全的应用,所有的通信可以用附加的保密层来包围。 For especially secure applications, all communications may be surrounded by an additional layer of security. 特别地,较低层中的报文头可以在较高层中进行加密。 In particular, the lower layer header can be encrypted in a higher layer. 无线通信其它实施例可以包括用于既4姿触(ISO 7816 )操作又无线(ISO 1443A或B)操作的双重接口,并且优选地,安装有多接口电源单元,其允许在全部在一张卡上的ISO 7816 4妄触、ISO 1443 A、 ISO 1443 B、 ISO 15693和HID传统无线系统(在其它的之间)之间互用。 The wireless communication Other embodiments may include both contact pose 4 (ISO 7816) and wireless operation (ISO 1443A or B) a dual interface operation, and preferably, a plurality mounting interface power unit that allows a card at all ISO 7816 4 jump on contact, ISO 1443 a, ISO 1443 B, ISO 15693 and HID legacy wireless systems interoperability (among other) between. 可选地,卡可包括用于其它无线通信技术的备用件,例如蓝牙(短距离)或者蜂窝(中距离)或者微波(长距离)。 Alternatively, the card may include an alternate member of the other wireless communication technologies, such as Bluetooth (short range) or Cellular (distance) or microwave (long range). 接下来参照图8,其示出了具有可无线或者借助于电接插件连<接到本地终端的卡上生物—3iS正的智能卡。 Referring next to Figure 8, which shows a connector may be electrically connected by means of a wireless or <-3iS positive organisms on the card to a smart card local terminal. 其大部分结构和构造相似于前面描述的图1的实施例,并且同样的标号(可能以单引号加以区分)标示相似的元件。 Example most of its structure and configuration similar to that previously described in FIG. 1, and the same reference numbers (may be differentiated by single quotes) denote similar elements. 特别地,ISO CPU 112虽然显示在不同的位置(在触点108下面,而不是一侧),^f旦是有如前所述的相似功台匕ISO天线132包括通常i殳置在卡100的周边的两个环状天线, 并且向ISO CPU 112提供ISO兼容无线接口,用于使数据和功率相似于有线电接口108所提供的数据和功率。 In particular, ISO CPU 112, although shown in different positions (below the contact 108, rather than one side), ^ f denier is similar as described above power station antenna 132 comprises a generally dagger ISO i card 100 disposed in Shu surrounding two loop antennas, and a wireless interface compatible with the ISO CPU 112 provided ISO, for data and power similar to the power cable and the electrical data interface 108 is provided. 另夕卜,安全天线134(在所述例子中,内置天线132且只由一个环状天线构成)通过DC-DC 功率调节器120向安全CPU 114提供独立的电源。 Another Bu Xi, Security antenna 134 (in the example, the internal antenna 132 and is composed of only a loop antenna) provide independent power to the safety CPU 114 via DC-DC power regulator 120. 因为除了通过ISO CPU 112没有用于无线^t据的直接连接,所以存储在安全CPU 114 内的每文感H据不^皮该无线-接口石皮坏。 Because except through ISO CPU 112 is not directly connected to the wireless data ^ t, the sense of each packet stored within the secure H CPU 114 of the wireless data is not transdermal ^ - Interface stone skin bad. 可选地,如前所述的关于对外部读卡器和外部网^^只有有线连4妄的实施例,两个处理器的功能可以被合并,或者外部接口可以是通过安全CPU114而不是通过ISO CPU 112,其中必须将适当的无线安全措施结合到该变体构造中。 Alternatively, as described above with respect to the external reader and external network be wired only ^^ jump of Example 4, two processor functions may be combined, or may be an external interface rather than through the security CPU114 ISO CPU 112, which must be bound to the appropriate wireless security measures the variant structure. 图9是图8所示的卡的截面图。 9 is a sectional view of the card shown in FIG. 8. 注意到大多数所述元件包含在芯区126中,只有触点108延伸物穿过上保护层122。 Most of the notes contained in the element 126, only the contacts 108 extending through upper protective layer 122 was core region. 传感器110 的才乘作面通过上层122中的上窗口和PCB (印刷电路板)134中的下窗口以可访问,该PCB 134 ^皮布置在上层122和中心层126之间, 其提供各种电子元件之间必需的电连接,以及围绕传感器IIO有效区域的环绕的静电放电接地连接。 Only by sensor 110 for the plane through the upper window 122 and a PCB (printed circuit board) 134 to access the next window, the PCB 134 ^ blanket disposed between the upper layer 122 and central layer 126, which provides various the necessary electrical connections between the electronic components, electrostatic and surrounding area around the discharge sensor IIO effective ground connection. 下层124和》兹条128仍是可见的。 And lower 124 "is hereby Article 128 is still visible. 指紋传感器图10是传感器110的典型示意电路图,其中传感器单元402 阵歹'J 400 4非歹'J为4亍404和歹寸406。 The fingerprint sensor 10 is a schematic circuit diagram of a typical sensor 110, the sensor unit 402 wherein the array of bad 'J 400 4 non-bad' J 4 inch bad right foot 404 and 406. ^口上所述,每个单元402包才舌;敫活门410和变换器412。 ^ The upper port 402 of each cell packet before tongue; Jiao valve 410 and an inverter 412. 指紋由手指上皮月夫的凸部和凹部形成。 Fingerprint is formed by the projections and recesses of the finger epithelial Cardiff month. 当这些凸部之中的一个触及阵列400内单元402的附近时,每个传感器单元的变4奂器412经历一个积4成的和/或电的变^M其实际上产生了基于传感器表面上的由指尖上凸部和凹部引起的微压变化的指紋数字图像。 When a hit near the inner convex portions among the array units 402, 400, 4 Huan variable filter 412 of each sensor unit 4 through a product into and / or electrical variable which actually produces ^ M based on the sensor surface micro fingerprint digital image caused by the pressure change of the convex and concave portions fingertip on. 注意到尽管每个变换器412被描述为单个可变电容器, 但是有各种类型的变换器可以响应人类皮肤的这些凸部之中的一个的出现。 He noted that although each converter 412 is described as a single variable capacitor, but various types of converter may occur a response among the convex portions of the human skin. 在压力传感器压电薄膜变换器的特别实例中,该薄膜在单元的附近变形并且产生存4诸在连4妄到该单元的电容器中的电荷。 In a particular example of a pressure sensor piezoelectric film transducer, the film deformation and in the vicinity of unit memory 4 generates such jump to the charge of the capacitor unit connected in the 4. 电容器上的电压是由压电材料的变形形成的机械应力的函数,其进而是在单元上是凸部还是凹部的函数。 Voltage across the capacitor is a function of the mechanical stress formed by the deformation of the piezoelectric material, which in turn is a function of the unit is a convex portion or concave portion. 当来自相关列驱动414的信号将该单元的门410达到ON时以及当相关4亍驱动416净皮4妄地时, 电压出现在行的输出线路418上,并且在输出驱动420中转换成8 位数字信号。 When the door unit 410 reaches the ON signal from the associated column driver 414, and when the correlation right foot 4 4 net Paper jump drive 416, the voltage appearing on the row output line 418, and the output driver 420 is converted into 8 bit digital signal. 为了最大化地探测压电材料的变形,压电电气材料可以在弹性材料上形成,例如聚酰亚胺或者聚酰亚胺压电电气材料即可。 To maximize detect deformation of the piezoelectric material, the piezoelectric material may be formed on the electrical resilient material, such as polyimide or a polyimide piezo electric material can be. 其它典型的可以用类似的阵列组织实现的模拟变换器技术包括可变电阻和可变电容器。 Other typical analog converter technology can be implemented with a similar array organization include variable resistance and a variable capacitor. 可选地,每个单元可以包括简单的数字开关,其4又仅提供单比特信息;在此情况下,信息的附加的位可以由在同一区上提供多个单元或者由以更高的频率抽样每个单元来产生。 Alternatively, each unit may comprise a simple digital switch which provides only single bit and 4 information; in this case, additional bits of information may be provided by a plurality of units on the same region or at a higher frequency each unit generates sampling. 该可选实施例避免了对A/D转换器的需要。 This alternative embodiment avoids the need for A / D converter. 在典型实施例中,传感器只有0.33毫米厚并且足够坚固以嵌入到智能卡中并且不受静电、元件或者用户皮肤状态(湿、干、热、 冷)的影响。 Embodiment, the sensor is only 0.33 mm thick in typical embodiment, and strong enough to be embedded into a smart card and from static electricity, or the user's skin member state (wet, dry, hot, cold). 传感器110通常的装置单元尺寸是25微米至70樣支米并且通常的间距是25微米至70微米。 Sensor means 110 unit size is typically 25 microns to 70 meters and typically comp branched spacing is 25 microns to 70 microns. 典型传感器具有12.5平方毫米至25平方毫米的面积以及8 4立多级灵每文度。 A typical area sensor having a 12.5 to 25 mm2 and 84 each vertical multistage spirit of the text. 该传感器可以由TFT (薄膜晶体管)和压感电容器阵列制成,例如由薄膜压电材料形成, 例如钬钡氧化物或者锶钡氧化物,并且包括上电极,其覆盖并且保护整个传感区域。 The sensor may be made of a TFT (thin film transistor) and a pressure sensitive capacitor array, for example, a film formed of a piezoelectric material, e.g., barium oxide or barium strontium holmium oxide, and includes an upper electrode which covers and protects the entire sensing area. 如果采用才几械应力,那么将产生相应的电荷并且存储在薄膜压电电容器中。 If only a few mechanical stresses will be generated and stored in the respective charge capacitors in the piezoelectric film. 可选地,基于压力的传感器可制成TFT (薄膜晶体管)连同薄膜电容器,以及压感电容器的阵列,例如由压力传导材料片形成,例如碳化纤维分散橡胶片,金属(例如铜或锡或银),电镀的石友化纤维或纸底基玻璃纤维或金属,分散弹性材料(例如硅树脂)以及覆盖整个传感区的上电极片。 Alternatively, the pressure sensor can be made based TFT (Thin Film Transistor) along with thin film capacitor, and an array of pressure sensing capacitors, is formed by, for example, a pressure conductive sheet material, such as carbon fiber dispersed rubber sheet, metal (such as copper or silver or tin ),电镀的石友化纤维或纸底基玻璃纤维或金属,分散弹性材料(例如硅树脂)以及覆盖整个传感区的上电极片。指紋传感器元件402特别》见定的行和列驱动416、 414输出电数据到输出电路420,从而将表示用户指紋的物理输入转换为模拟电数据。然后输出电路420中的A/D转换器将该模拟电信号转换为数字电信号。每个薄膜晶体管选择性地将共享的行间互连转换为其相关的电容器上的电压,这样每个电容器上的电压可以被读取并且因此每个单元的变形可以被测量。优选地,薄膜晶体管的整个列被同时转4奐,乂人而在一个选定列中的多个单元(例如8个)可以在不同的4亍间互连上^皮并^f亍读取。多个门如行和列间的互连减少了互连的数量,而从相同列的不同行并行读取多个单元则减少了整个阵列的读取时间时,。来自传感器的输出电压可以由差动放大器放大。可以将该;改大器的输出采样和4呆持用于A/D转换器。基片可以是玻璃(例如非石咸性玻璃)、不锈钢、铝、陶瓷(例如氧化铝)、纸、3皮璃钢,^f旦优选是晶体硅薄4反。薄膜半导体材料可以是无定形硅、多晶硅、金刚石、或者任何其它半导体薄膜。压电材料可以是压电陶瓷,例如铅-锆酸盐-钛酸盐(lead-zirconate-titanate, PZT)薄膜,优选地,厚度范图11示出了形成在晶体硅的薄基卡上的传感器的栽体组合。和车lr出电路集成,然而在相对大而薄的石圭薄4反受到局部表面压力时将会弯曲和断裂。图示的载体提供了比同样整体厚度的硅片更结实的结构。如图所示,单片硅430大约0.1毫米厚,并且由相同厚度的玻璃钢框432围绕,其被安装在也是玻璃钢结构的垫板434上并且约0.05毫米厚。框432和垫板434可以很容易地使用传统的印刷电路板(PCB)技术来构造。特别地,垫板434的上和下表面由被玻璃钢芯分隔的薄铜层436所覆盖。框432包括多个在其外部边缘的焊盘440,用于连接到安全处理器114。薄硅片430用环氧树脂粘合到框432和板434,并且有效区由在围绕着受保护的上电极446的硅430的暴露的外边缘部444上的传统的布线连接442,电连接到才匡430中各自的电路。匹酉已算法对于处理能力有限并4又试图与单一参考样本估文简单的1:1匹配的本地卡上处理,指紋匹配软件可以是基于两个图案的细节的相对简单的比较。例如,指紋的灰度图像可以被减小到两个值,白和黑, 并且三维凸部纟皮转换成二维细线(矢量)。因而,该方法的准确性还受到以下问题:模糊、粘连、失真、线段部分缺失和其它的影响。尽管细节方法理论上正确率较低,但其需要较少的计算资源并且提供与许多现有数据库兼容的可能性。对于在具有更强处理能力的远程认证服务器上进行处理,可以要求更高的准确分辨率,例如"POC" ( Phase Only Correlation 4又相位对比)匹配算法。 POC是基于整个图像的宏匹配的验证算法。相反地,POC匹配大范围的结构信息-从细节到总图像。因此,POC能够提供加强的准确度来避免噪声,例如粘连和部分缺失。理论上, POC方法不受来自位置移动和亮度差异的不利影响,并且快速(对于脱机匹配约为0.1秒)和高准确度。例如,POC软件可以利用二维快速傅立叶变换("2DFFT")来执行两个指紋图案的空间频率比较。 2DFFT将表示指紋的物理二维分布的数字化数据阵列转换为频率空间,换句话说,将空间分布反转换,该处越高的密度图案具有越高的空间频率。翁:4争变4奐可用于乂于频率空间图案匹配进4亍匹配。因为不被指紋记录图案中的普通缺陷误导,POC将认为这些缺陷为噪音而细节分析将这些缺陷作为有意义的数据进行解释,所以POC 图案匹配与细节向量匹配相比有更多的优点。对于特别苛刻的应用,混合方法将可比其它任何单独的方法提供更高的准确度和安全性。例如,细节方法可以用在获取点上,而POC方法可以用在远程服务器上。作为另一个例子,匹配程序可以分析细节和空间关系以产生考虑了两种结果的结合的分数。应用前面描述的4支术提供了用于多样的应用,商用的和政府的,高水平的安全性。根据各种应用的要求,多种安全应用可以共存并在相同的卡上和/或相同的认证服务器上操作。在一个实施例中,单张卡可以包括多至24项独立的且安全的应用。例如,该技术将许可/ 拒绝访问(物理的和/或逻辑的),识别人员的4青确4立置和/或运动和/或监—见列出的名单,而且同时还运4亍其它安全应用,各应用相互间完全地且安全地隔离。当前可以预期的应用如下: •才几场ID/通4亍• 大厦保安•》艮馆房间通4亍和记帐• 医院• 在线游戏• 下载娱乐• 出生i正明• 计算机访问• 驾驶执照-TWIC• 电子钱包• 紧急医学信息• 炸药执照• 政府和军用i殳施通行• HAZMAT (危险物)许可证• 医疗〗呆险和福利卡• 停车场入cr• 护照• 航空4丸照• 港口ID/通行• 保险证明•社会保险卡•》良4亍信用卡• 签i正或者ii/出通4亍i正• 投票注册卡• 福利和4泉票印花卡对于许多的这些应用,优选地,卡的卡上存储器还提供各种私人信息的安全存储,其只有当注册的持卡人证明了其身份和授权该访问时才可进4亍访问。这些私人信息的实例有:• 管理信息,例如姓名、地址、出生日期、出生地点、国籍、 宗教、组织关系、社会保险号码、驾驶执照号码、护照号码、和移民信息例如签证类型、签证期限、国籍等。 • 财务4言息,例如电子4&包、VISA( VISA信用卡),MasterCard(万事达4言用卡),American Express (美国运通tT用卡)等信用卡信息,银行信息,例如银行名称、银行存款余额、 转帐信息、IRS (美国国税局)号码、破产记录、转帐信息等。 • 体征和健康信息,例如:识别个人的生物信息,例如身高、 体重、指紋、虹膜、视网膜、手尺寸、骨结构、声音、DNA; 血型;医学诊断检测结果;病史;药物;保险信息;对一定刺激的心理和生理反应等。 • 事件信息,例如犯罪记录、重罪、轻罪、违法。 •应急信息,例如墓地、亲属和其它联系信息、律师信息、 宗教4言息。 • 教育、工作历史,包括学校、学位、就职过的与FDD有关的/>司。 •数据访问历史(存储了进卡和出卡的访问历史H据)。 • ID相关信息,例如指紋图案、指紋处理图案、指紋图案的结果。 • 口令,例如7JC久口令、暂时口令、和/或一次汁生口令。 • 加密密钥,例如/>开密钥、个人密钥、和/或一次性密钥。 4妄下来描述典型的卡注册系统。申请人:填写申请表并且将其提交,优选地,包括照片和指紋。对于大部分申请人,才全查其文件附件并简单地在一个或多个政府和商业数据库中查对提交的信息就足以建立个人的真实身份。在其身〗分净皮识别后,申请人进入签发站,此处由发卡人将i人为必要的任何信息载入卡中。申请人将其手指放在卡上的传感器上。一旦指紋符合要求地置于传感器上并且被载入卡中,就将使卡上的突出受到电沖击,其烧断某些保险丝,以阻止任何人再次写入卡的该一定区域。然后,将该小突出切断/剪断(就像带有脐带的卡)。在该点处,卡只能通过ISO接触读卡器或者ISO无线系统进行读或者写。在网络i人证服务器的情况中,卡上所载同样数据的一些或者全部也是以加密形式传输到远程服务器,可以补充附加的通常不存4诸在卡上但是可能需要用于高安全性应用的数据。

Claims (50)

  1. 1.一种智能身份识别卡,包括: 卡上存储器,用于储存参考数据; 卡上传感器,用于捕获现场生物数据; 卡上微处理器,用于在预定阈值内将所捕获的生物数据和相应的存储的参考数据进行比较,且仅当在预定阈值内存在匹配时才产生验证消息;以及接口,用于将所述验证消息发送到外部网络,其中,所述验证消息至少包括来自所捕获的生物数据的摘录。 1. An intelligent identification card comprising: a card memory for storing reference data; card sensor for capturing live biometric data; a microprocessor on the card, is within a predetermined threshold value for the captured biometric data and the corresponding stored reference data, and only when the authentication message is generated if the matching threshold in a predetermined memory; and an interface for the verification message to an external network, wherein the verification message includes at least from the excerpt of capture of biological data.
  2. 2. 根据权利要求1所述的身份识别卡,其中,所述验证消息至少包括来自所存储的参考数据的摘录。 The identification card according to claim 1, wherein the verification message includes at least the stored reference data from excerpt.
  3. 3. 根据权利要求2所述的身份识别卡,其中,所述验证消息被传车lr到远禾呈iU正系统用于附加的驺ri正。 The identification card according to claim 2, wherein the authentication message is transmitted to the remote vehicle lr Wo system was used for additional positive iU Zou ri positive.
  4. 4. 根据权利要求3所述的身份识别卡,其中,所述远程认证系统包括与所述存储的参考数据不同的远程存储的参考数据。 4. The identification card according to claim 3, wherein the system comprises a remote authentication with the stored reference data of different remotely stored reference data.
  5. 5. 根据权利要求3所述的身份识别卡,其中,所述卡上微处理器使用与所述远程认证系统不同的匹配算法。 5. The identification card according to claim 3, wherein the microprocessor with the remote authentication system using different matching algorithms on the card.
  6. 6. 4艮据4又利要求2所述的身々分识别卡,其中,存々者在所述卡上存储器里的原始捕获的生物数据以及任何其它"私有"信息对于任何外部程序都是不可用的。 6.4 Gen body according to claims 4 and sub 々 identification card of claim 2, wherein the biological data of the original deposit 々 were captured in the memory on the card, and any other "private" messages are for any external program unavailable.
  7. 7. 根据权利要求2所述的身份识别卡,其中,所述卡是ISO兼容智能卡。 The identification card according to claim 2, wherein said card is an ISO-compliant smart card.
  8. 8. 根据权利要求7所述的身份识别卡,还包括ISO智能卡处理器。 8. The identification card of claim 7, further comprising a smart card processor ISO.
  9. 9. 根据权利要求8所述的身份识别卡,其中,用于储存和处理所述所捕获的生物数据的所述卡上微处理器被防火墙从功能上与所述ISO智能卡处理器隔离。 9. The identification card according to claim 8, wherein said card for storing and processing the captured biometric data with the microprocessor are separated by a firewall from the ISO smartcard processor function.
  10. 10. 根据权利要求8所述的身份识别卡,其中,进出所述卡上微处理器的所有外部数据均通过所述ISO智能卡处理器。 10. The identification card according to claim 8, wherein the card out of the microprocessor are all external data via the ISO smartcard processor.
  11. 11. 根据权利要求8所述的身份识别卡,其中,进出所述ISO智能卡处理器的所有外部lt据均通过所述卡上;f效处理器。 11. The identification card according to claim 8, wherein, out of the ISO smartcard processor are all external data lt through the card; F-efficient processors.
  12. 12. 4艮据4又利要求8所述的身份识别卡,其中,所述卡上樣t处理器具有:第一连接,用于在栽入程序期间载入数据;以及第二连接,连接到外部网络。 12.4 According Gen claims 4 and identification card of claim 8, wherein the sample processor card having a t: a first connection for loading data during Zairu program; and a second connector, connector to the external network.
  13. 13. 根据权利要求12所述的身份识别卡,其中,使所述第一连接在所述载入禾呈序完成之后7JC久禁用。 13. The identification card as claimed in claim 12, wherein said first connector in the form of grain loading sequence is completed after long 7JC disabled.
  14. 14. 根据权利要求8所述的身份识别卡,其中,用于存储和处理所述所捕获的生物数据的所述卡上微处理器被防火墙从功能上与所述ISO智能卡处理器隔离。 14. The identification card according to claim 8, wherein on said card for storing and processing the captured biometric data with the microprocessor are separated by a firewall from the ISO smartcard processor function.
  15. 15. 根据权利要求8所述的身份识别卡,其中:所述卡包括上磁条区域和下浮雕区域; 所述卡上传感器是指紋传感器;以及所述卡上纟效处理器、所述ISO智能卡处理器和所述指紋传感器均位于在所述上磁条区域和所述下浮雕区域之间的中间区域。 15. The identification card of claim 8, wherein: said card comprises an upper magnetic stripe region and a lower embossed region; on the card sensor is a fingerprint sensor; and the card processor efficiency Si, the ISO a smart card processor and the fingerprint sensor are located in the upper magnetic stripe region and the intermediate region between the relief regions.
  16. 16. 根据权利要求2所述的身份识别卡,其中,所述生物数据包括指紋^t据并且所述传感器是用于从》文在所述传感器上的用户的手指获取数据的指紋传感器。 16. The identification card of claim 2, wherein said biometric data comprises fingerprint data ^ t and the sensor is a fingerprint sensor for acquiring data from a "text user's finger on the sensor.
  17. 17. 根据权利要求16所述的身份识别卡,其中,当所述用户将其手指放到所述指紋传感器上方时,提供实时反馈,从而有助于所述手指在所述传感器上方进行最佳放置。 17. The identification card of claim 16, wherein, when the user put his finger over the fingerprint sensor to provide real-time feedback, to facilitate the optimum finger over the sensor placement.
  18. 18. 根据权利要求16所述的身份识别卡,其中,所述卡上微处理器适于采用混合匹配算法,所述混合匹配算法考虑了所捕获的生物凄t才居中的细节和全部空间关系。 18. The identification card of claim 16, wherein said card microprocessor adapted hybrid matching algorithm, the matching algorithm takes into account the mix of the captured biological sad t centered before all details and spatial relationships .
  19. 19. 根据权利要求16所述的身份识别卡,其中,所述指紋传感器包括通过垫寿反支承的晶体石圭片。 19. The identification card according to claim 16, wherein the fingerprint sensor comprises a sheet by Gui crystal stone pad life of counter-bearing.
  20. 20. 根据权利要求19所述的身份识别卡,其中,所述垫板包括夹在两个金属层之间的玻璃环氧树脂层。 20. The identification card according to claim 19, wherein said plate comprises a glass epoxy layer sandwiched between two metal layers.
  21. 21. 根据权利要求19所述的身份识别卡,其中,所述垫板由围绕所述^5圭片的载体框加固。 21. The identification card according to claim 19, wherein said backing plate is reinforced by a carrier frame surrounding the sheet Kyu ^ 5.
  22. 22. 根据权利要求1所述的身份识别卡,其中,所述卡还包括用于将所述卡的使用限定于预定位置的装置。 22. The identification card of claim 1, wherein said card further comprises the use of the card is limited to the predetermined position of the means for.
  23. 23. 根据权利要求1所述的身份识别卡,其中,所述接口是双接口, 包括:电4矣触接口;以及无线通4言接口。 23. The identification card according to claim 1, wherein said interface is a dual interface, comprising: an electrical contact 4 carry interface; and a wireless communication interfaces 4 words.
  24. 24. —种智能身份识别卡,包括:卡上传感器,用于捕获现场生物数据;第一-)^上处理器,与所述卡上传感器连接,所述第一-^ 上处理器包括用于存储参考数据的存储器,所述第一卡上处理器在预定阈值内将所捕获的生物数据和相应的存储的参考数据进行比较,并且仅当在预定阈值内匹配时才产生验证消息;第二卡上处理器,与所述第一""^上处理器连"t妄,用于"l丸行智能卡功能;以及接口,连4妻至所述第一^)^上处理器和所述第二卡上处理器中的任意一个,适于与外部网络通信,所述验证消息经由所述才妄口^皮传送到所述外部网络。 24. - kinds of intelligent identification card comprising: a card sensor for capturing live biometric data; a first -) ^ on a processor, connected to the sensor card, the first - ^ processor comprises a memory for storing reference data, biometric data on the first processor card within a predetermined threshold value and the captured corresponding stored reference data, and only when the authentication message generated match within a predetermined threshold value; first on the titanium card processor, the first, "" connected to the processor ^ "t jump, a" l pill line smart card function; and an interface connected to the first wife 4 ^) ^ and the processor said second arbitrary one of the processor card, adapted to communicate with an external network, the verification message via the port only jump ^ transdermal delivery to the external network.
  25. 25. 根据权利要求24所述的身份识别卡,其中,所述第二卡上处理器是ISO智能卡处理器。 25. The identification card of claim 24, wherein the second processor card is a smart card processor ISO.
  26. 26. 4艮据4又利要求25所述的身份识别卡,其中,所述第一-^上处理器通过防火墙与所述ISO智能卡处理器在功能上相分离。 26.4 According Gen claims 4 and identification card of claim 25, wherein said first - ^ through the firewall on a processor with the ISO smartcard processor relative separation function.
  27. 27. 根据权利要求25所述的身份识别卡,其中,到所述第一-^上处理器和来自所述第一^^上处理器的所有外部凄t據均通过所述ISO智能卡处理器。 27. The identification card according to claim 25, wherein said first to - ^ all external processor and sad ^^ t from said first data processor by each processor of the smart card ISO .
  28. 28. 根据权利要求25所述的身份识别卡,其中,到所述ISO智能卡处理器和来自所述ISO智能卡处理器的所有外部数据均通过所述第一-^"上处理器。 28. The identification card of claim 25, wherein the ISO smartcard processor and the external data from all the ISO smartcard processor are handled by the first - ^ "processor.
  29. 29. 根据权利要求28所述的身份识别卡,其中,所述笫一-^上处理器具有:第一连接,用于在载入程序期间载入数据;以及第二连4妻,连接到外部网络。 29. The identification card according to claim 28, wherein said Zi - ^ on a processor having: a first connection for loading data during a loading process; wife and second connection 4 is connected to the External network.
  30. 30. 根据权利要求24所述的身份识别卡,进一步包括:卡上位置检测器,用于确定所述身份识别卡的当前位置;以及用于基于所述当前位置来限制所述卡的使用的装置。 30. The identification card of claim 24, further comprises: a card position detector for determining the current position of the identification card; based on the current position and means for limiting the use of the card device.
  31. 31. 根据权利要求30所述的身份识别卡,其中,所述卡上位置检测器包括:全球定位卫星信号接收器。 31. The identification card of claim 30, wherein the card position detector comprising: a global positioning satellite signal receiver.
  32. 32. 根据权利要求24所述的智能身份识别卡,进一步包括:指示器,用于在用户在所述卡上传感器上操作他或她的手指时提供实时反馈,从而便于手指在所述传感器上的适当的放置。 32. The smart identification card of claim 24, further comprises: on the indicator, provide real time feedback to the user when the operation of his or her finger on the sensor on the card, the finger sensor to facilitate appropriate placement.
  33. 33. 根据权利要求24所述的身份识别卡,其中,所述接口是双接口,包括:电接触接口;以及无线通信4妻口。 33. The identification card of claim 24, wherein said interface is a dual interface, comprising: an electrical contact interface; and a wireless communication port 4 wife.
  34. 34. 根据权利要求33所述的身份识别卡,其中,所述无线通信接口包括:天线,连接到所述第二卡上处理器。 34. The identification card as claimed in claim 33, wherein the wireless communication interface comprising: an antenna coupled to the second card processor.
  35. 35. 根据权利要求34所述的身份识别卡,进一步包括:电源天线,连4妾至所述第一^^上处理器。 35. The identification card of claim 34, further including the claims: a power antenna, connected to said first concubine ^^ 4 processor.
  36. 36. —种用于识别智能身^分识别卡的用户的方法,所述智能身卡分识别卡包括用于存储参考数据的卡上存储器和卡上生物传感器,所述方法包4舌:使用所述卡上传感器捕获现场生物数据;在预定阈值内将所捕获的生物数据和存储在所述卡上存储器中的相应的参考数据进行比较;仅当在所述预定阈值内匹配时产生验证消息;以及将所述-睑证消息发送到外部网络,其中,所述验证消息至少包括来自所存储的参考数据的摘录,以及其中,所述-验i正消息至少包4舌来自所捕获的生物凄t据的摘录。 36. - Method for identifying a kind of a smart identification card itself ^ points of the user, the smart card body comprising a sub-tag reference data stored on a memory card and a card biosensor, said method tongue 4: Use field sensor captures biometric data on the card; the corresponding reference data in the memory is compared to a predetermined threshold value and the captured biometric data stored on the card; generating a verification message only when a match within the predetermined threshold value ; and the - message transmission to permit the eyelid external network, wherein the verification message includes at least the stored reference data from the extract, and wherein said - at least a test message packet i n the tongue 4 from the captured organisms It is sad t excerpts.
  37. 37. 4艮据冲又利要求36所述的方法,进一步包括:将所述-睑i正消息传输到远程i人i正系统用于附加的-验j正。 37.4 According to the method of claim 36 Burgundy red and claims, further comprising: the - eyelid i n i people message transmitted to the remote system for additional n-i - j test positive.
  38. 38. 根据权利要求37所述的方法,进一步包括:在所述远程i人i正系统中存储与本地存储在所述身份识别卡中的所述参考凄丈据不同的参考凄t据。 38. The method according to claim 37, further comprising: in said remote person i i n the storage system and stored locally in the identification card with reference to different feet according to sad t desolate reference data.
  39. 39. 根据权利要求37所述的方法,其中,在所述身份识别卡中使用的匹配算法不同于在所述远程认证系统处使用的匹配算法。 39. The method according to claim 37, wherein the matching algorithm used in the identification card is different from the matching algorithms used in the authentication system at the remote.
  40. 40. 根据权利要求36所述的方法,进一步包括:将所捕获的生物数据中的至少一些和所述参考数据传输到认证服务器,用于在任何授权在线访问用于处理涉及此用户的安全金融交易的应用服务器之前对用户身份进行安全验证。 40. The method according to claim 36, further comprising: at least some of the reference data transmitted to the authentication server The biometric data captured for any authorization online access for this user process involves a secure financial secure user identity verification prior to the application server transaction.
  41. 41. 根据权利要求36所述的方法,进一步包括:4妻收涉及在特定应用服务器上的特定登录企图的匹配请求;以及如果响应于所述匹配请求在认证服务器上产生肯定匹酉己,则执4亍安全三路i人i正协i义,所述i人i正十办i义包4舌:将询问字符序列从所述认证服务器发送到所述身份识别卡;基于所述询问字符序列和所述匹配请求,在所述身份i只别卡产生询问响应;将所述询问响应转发给所述应用服务器;将所述询问响应从所述应用服务器转发给所述认证月良务器;以及在所述iU正月良务器确i人所述询问响应是否有效。 41. The method according to claim 36, further comprising: wife 4 are concerned with the request matches a particular application on a particular server login attempts; and if the response to the matching request is generated on affirmative matching unitary hexyl authentication server, 4 safety Executive right foot triple co i i n i sense people, the people i i i n ten do justice tongue package 4: the query sequence of characters transmitted from the authentication server to the identification card; based on the query character sequence and the match request, not only in the identity card i challenge response is generated; in response to the query is forwarded to the application server; forwards the response to the inquiry from the application server the authentication service is good month ; and the challenge response is valid in the service is really good month iU i person.
  42. 42. —种用于识别智能身份识别卡的用户的方法,所述智能身份识别卡包括用于存储参考数据的卡上存储器、卡上生物传感器、安全处理器、以及ISO卡处理器,所述方法包括:使用所述卡上传感器捕获现场生物数据;使用所述安全处理器在预定阈值内将所捕获的生物数据和存储在所述卡上存储器中的相应的参考数据进行比较;4又当在所述预定阈值内匹配时,4吏用所述安全处理器产生—睑i正消息;经由接口将所述验证消息发送到外部网络;以及如果确认了所述用户的身份,则允许所述ISO卡处理器操作。 42. - user for identifying the kind of a smart card identification process, the smart identification card includes means for storing the reference data on the memory card, the biosensor card security processor, and ISO card processor, said a method comprising: capturing live biometric data sensor using the card; in the card memory a respective reference data using the security processor within a predetermined threshold of the captured biometric data and storage; and when 4 when a match within the predetermined threshold value, with said security processor 4 generates officials - i n eyelid message; authentication message via the interface to an external network; and if the identity of the user confirmation, allows the ISO card processor operation.
  43. 43. 根据权利要求42所述的方法,进一步包括:在载入程序期间经由第一连接将数据载入到所述安全处理器上;以及使所述第一连接在所述栽入程序完成之后永久禁用。 And causing said first connector after the program finishes Zairu; during the loading procedure via a first connection data loaded onto the security processor: 43. The method according to claim 42, further comprising permanently disabled.
  44. 44. 根据权利要求42所述的方法,其中,到所述ISO卡处理器和来自所述ISO卡处理器的所有外部数据均通过所述安全处理器的第二连接。 44. The method according to claim 42, wherein the ISO card processor and to all external data from the ISO card processor are connected to the second security processor by.
  45. 45. 根据权利要求42所述的方法,其中,到所述安全处理器和来自所述安全处理器的所有外部^t据均通过所述ISO卡处理器。 45. The method according to claim 42, wherein all external to the security processor and the secure processor from ^ t data by both the ISO card processor.
  46. 46. 根据权利要求42所述的方法,其中,所述生物数据包括指紋手指捕获数据的指紋传感器。 46. ​​The method according to claim 42, wherein said biometric data comprises fingerprint data of the fingerprint sensor captures a finger.
  47. 47. 根据权利要求46所述的方法,进一步包括:在所述用户在所述指紋传感器上操作他或她的手指时提供手指放置的实时反馈,从而便于手指在所述传感器上的适当的方文置。 47. The method according to claim 46, further comprising: providing real-time feedback of a finger is placed when the user operate his or her finger on the fingerprint sensor, thereby facilitating an appropriate side of the finger on the sensor Wen set.
  48. 48. 4艮据4又利要求42所述的方法,其中,所述比4交和所述4吏用所述安全处理器包括采用混合匹配算法,所述混合匹配算法考虑了所捕获的生物凝:据中的细节和全部空间关系。 48. The method according to 4 Gen claims 4 and 42, wherein the ratio of the 4 4 ​​cross and officials with the security processor comprises a hybrid matching algorithm, the matching algorithm takes into account the mix of the captured biological Ning: It is all in the details and spatial relationships.
  49. 49. 一种用于识别智能身份识别卡的用户的装置,所述智能身份识别卡包括用于存储参考数据的卡上存储器和卡上生物传感器,所述装置包括:捕获装置,用于使用所述卡上传感器捕获现场生物数据;比较装置,用于在预定阈值内将所捕获的生物凄t据和存储在所述卡上存储器中的相应的参考数据进行比较;产生装置,用于仅当在预定阈值内匹配时才产生验证消息;以及发送装置,用于将所述-验证消息发送到外部网络,其中,所述验证消息至少包括来自所捕获的生物数椐的摘录。 49. A smart user identification means for identification cards, the smart identification card includes a reference data stored on a memory card and a card biosensor, the apparatus comprising: capturing means for using the said sensor captures the card live biometric data; comparison means is within a predetermined threshold value for the captured biological sad t corresponding reference data and data stored in the memory on the card is compared; generating means for only if matching when a predetermined threshold value is generated in the validation message; and transmitting means for the - authentication message sent to the external network, wherein the verification message includes at least excerpts from the biological noted in the number of the captured.
  50. 50. —种用于识别智能身份识别卡的用户的装置,所述智能身份识别卡包括用于存储参考数据的卡上存储器、卡上生物传感器、安全处理器、以及ISO卡处理器,所述装置包括:捕获装置,用于使用所述卡上传感器捕获现场生物数据;比较装置,用于使用所述安全处理器在预定阈值内将所据进行比较;产生装置,用于仅当在预定阈值内匹配时才使用所述安全处理器产生—验i正消息;发送装置,用于经由接口将所述验i正消息发送到外部网络;以及允许装置,用于如果确认了所述用户的身份,则允许所述ISO卡处理器^:作。 50. - kind of user identification for identifying the smart card device, said smart identification card includes a reference data stored on the memory card, the biosensor card security processor, and ISO card processor, said apparatus comprising: capturing means for capturing the scene using the biological data sensor card; comparing means for using said security processor compares the data within a predetermined threshold value; generating means for a predetermined threshold value only when matching when using the said security processor generates - i n test message; transmitting means for transmitting to the external network interface message via the posterior i n; and allowing means for, if confirmed the identity of the user , it allows the ISO card processor ^: as.
CN 03825009 2002-09-10 2003-09-10 Secure biometric verification of identity CN100437635C (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
US40971602 true 2002-09-10 2002-09-10
US60/409,716 2002-09-10
US60/409,715 2002-09-10
US60/429,919 2002-11-27
US60/433,254 2002-12-13
US60/484,692 2003-07-03

Publications (2)

Publication Number Publication Date
CN1695163A true CN1695163A (en) 2005-11-09
CN100437635C true CN100437635C (en) 2008-11-26



Family Applications (1)

Application Number Title Priority Date Filing Date
CN 03825009 CN100437635C (en) 2002-09-10 2003-09-10 Secure biometric verification of identity

Country Status (1)

Country Link
CN (1) CN100437635C (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101626296B (en) 2009-05-27 2012-04-18 飞天诚信科技股份有限公司 Method for enhancing security of input information and biological information acquisition equipment
CN101616416B (en) 2009-07-24 2012-08-29 中兴通讯股份有限公司 Method and equipment for authenticating smart card of communication terminal
CN102831335B (en) * 2011-06-16 2015-08-05 中国科学院数据与通信保护研究教育中心 Windows operating system security method and system
US8756680B2 (en) * 2011-08-02 2014-06-17 Corning Incorporated Biometric-enabled smart card
US9832189B2 (en) 2012-06-29 2017-11-28 Apple Inc. Automatic association of authentication credentials with biometrics
US9959539B2 (en) 2012-06-29 2018-05-01 Apple Inc. Continual authorization for secured functions
US9819676B2 (en) 2012-06-29 2017-11-14 Apple Inc. Biometric capture for unauthorized user identification
KR101231216B1 (en) * 2012-07-13 2013-02-07 주식회사 베프스 Removable storage device with fingerprint recognition and control method thereof
US20150082890A1 (en) * 2013-09-26 2015-03-26 Intel Corporation Biometric sensors for personal devices
CN103955733B (en) * 2014-04-22 2017-02-15 中国工商银行股份有限公司 E-ID card chip, card readers, electronic identity verification system and method
GB2529214B (en) * 2014-08-14 2016-10-19 Soloprotect Ltd An identity card holder and system
US9400914B2 (en) 2014-10-24 2016-07-26 Egis Technology Inc. Method and electronic device for generating fingerprint enrollment data
CN105069436A (en) * 2015-08-14 2015-11-18 广东欧珀移动通信有限公司 Control method and system based on fingerprint identification, and fingerprint identification module group

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0457398A2 (en) 1990-05-18 1991-11-21 Philips Electronics Uk Limited Fingerprint sensing
US5907627A (en) 1995-11-06 1999-05-25 Dew Engineering And Development Limited Contact imaging device
US5978495A (en) 1996-07-17 1999-11-02 Intelnet Inc. Method and apparatus for accurate determination of the identity of human beings
US5995630A (en) 1996-03-07 1999-11-30 Dew Engineering And Development Limited Biometric input with encryption
EP1006479A2 (en) 1998-12-04 2000-06-07 Stocko Contact GmbH &amp; Co. KG Authentication system for PC-cards
EP1074949A1 (en) 1999-08-02 2001-02-07 Ming-Shiang Shen Integrated circuit board with fingerprint verification capability
US6325285B1 (en) 1999-11-12 2001-12-04 At&T Corp. Smart card with integrated fingerprint reader

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0518147B2 (en) 1983-07-29 1993-03-11 Tokyo Shibaura Electric Co

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0457398A2 (en) 1990-05-18 1991-11-21 Philips Electronics Uk Limited Fingerprint sensing
US5907627A (en) 1995-11-06 1999-05-25 Dew Engineering And Development Limited Contact imaging device
US5995630A (en) 1996-03-07 1999-11-30 Dew Engineering And Development Limited Biometric input with encryption
US5978495A (en) 1996-07-17 1999-11-02 Intelnet Inc. Method and apparatus for accurate determination of the identity of human beings
EP1006479A2 (en) 1998-12-04 2000-06-07 Stocko Contact GmbH &amp; Co. KG Authentication system for PC-cards
EP1074949A1 (en) 1999-08-02 2001-02-07 Ming-Shiang Shen Integrated circuit board with fingerprint verification capability
US6325285B1 (en) 1999-11-12 2001-12-04 At&T Corp. Smart card with integrated fingerprint reader

Also Published As

Publication number Publication date Type
CN1695163A (en) 2005-11-09 application

Similar Documents

Publication Publication Date Title
US6325285B1 (en) Smart card with integrated fingerprint reader
US20140013406A1 (en) Embedded secure element for authentication, storage and transaction within a mobile terminal
US20030112120A1 (en) System &amp; method for biometric-based fraud protection
US20060213982A1 (en) Biometric identification device with smartcard capabilities
US20050039027A1 (en) Universal, biometric, self-authenticating identity computer having multiple communication ports
US20080005578A1 (en) System and method for traceless biometric identification
US20060229988A1 (en) Card settlement method using portable electronic device having fingerprint sensor
US20090010503A1 (en) Portable or embedded access and input devices and methods for giving access to access limited devices, apparatuses, appliances, systems or networks
US20050035200A1 (en) Secure smartcard sleeve
US20040085188A1 (en) Individual authentication device and cellular terminal apparatus
US6270011B1 (en) Remote credit card authentication system
US20080028230A1 (en) Biometric authentication proximity card
US7172115B2 (en) Biometric identification system
US20050012592A1 (en) Device and method of recognising at least one individual, the corresponding access control device and system and applications thereof
US20080223925A1 (en) Biometric Identity Verification System and Method
US20050240778A1 (en) Smart card for passport, electronic passport, and method, system, and apparatus for authenticating person holding smart card or electronic passport
US20090150994A1 (en) Biometric access control transactions
US20040148510A1 (en) Security device for online transaction
US7953670B2 (en) Biometrically secured identification authentication and card reader device
US20120095919A1 (en) Systems and methods for authenticating aspects of an online transaction using a secure peripheral device having a message display and/or user input
US20120032782A1 (en) System for restricted biometric access for a secure global online and electronic environment
US20090100269A1 (en) Biometric authentication method, computer program, authentication server, corresponding terminal and portable object
JPH11316818A (en) Method and device for remote identity verification using personal discrimination device
US20070283145A1 (en) Multi-Factor Security System With Portable Devices And Security Kernels
US7278025B2 (en) Secure biometric verification of identity

Legal Events

Date Code Title Description
C06 Publication
C10 Request of examination as to substance
C14 Granted
C17 Cessation of patent right