EP1116191B1 - Verfahren und vorrichtung zum prüfen der zugangsberechtigung zu einem system - Google Patents

Verfahren und vorrichtung zum prüfen der zugangsberechtigung zu einem system Download PDF

Info

Publication number
EP1116191B1
EP1116191B1 EP99969520A EP99969520A EP1116191B1 EP 1116191 B1 EP1116191 B1 EP 1116191B1 EP 99969520 A EP99969520 A EP 99969520A EP 99969520 A EP99969520 A EP 99969520A EP 1116191 B1 EP1116191 B1 EP 1116191B1
Authority
EP
European Patent Office
Prior art keywords
code
stored
access authorization
unit
memory
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
EP99969520A
Other languages
German (de)
English (en)
French (fr)
Other versions
EP1116191A1 (de
Inventor
Manfred Bromba
Bernhard Raaf
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens AG
Original Assignee
Siemens AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG filed Critical Siemens AG
Publication of EP1116191A1 publication Critical patent/EP1116191A1/de
Application granted granted Critical
Publication of EP1116191B1 publication Critical patent/EP1116191B1/de
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/37Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition

Definitions

  • the present invention relates to a method and a Device for checking access authorization to a System.
  • Such a system can be a cell phone, for example.
  • PIN code In mobile phones, it is common to use a so-called PIN code to use as access authorization. The user must in order to be able to make a call, a specific one known only to him Enter PIN-code. The mobile phone checks this PIN code and if the test is positive, gives the mobile phone to Free calls.
  • biometric identification methods have recently been used have been developed with biological characteristics of a user can be used for authentication (WO-A-9811750).
  • a such biometric identification is not an easy one, but comfortable and often very safe method that Assignment and access of a specific person to one To ensure service, thing or place.
  • there assigns the biometric identification to the PIN code the advantage that it cannot be forgotten and that or the biometric features are very complex or at all cannot be copied.
  • the PIN code is pure Software is, there is always one with biometric characteristics more or less clear assignment to the hardware, d. H. to the body of the authorized user.
  • biometric identification for example, computers that are connected via a network, such as the Internet, communicate with external services. With such communication, for example with Financial institutions, secure authentication is also required. So far, PIN codes have also been used here.
  • the method or the device in connection can be used with systems that use a conventional in a part of the system that is inaccessible to the user require stored access authorization code.
  • the method according to the invention is for testing an access authorization to a system, that the system has a modified code in advance, which is different from the one inaccessible to the user Access authorization code stored in the system distinguishes, is stored, the biological characteristics recorded by a user and stored in the system Features are compared and that if there is a match the features from the modified code using a calculation rule calculated a code to the inaccessible to users Part of the system transferred and there by means of stored access authorization codes is checked.
  • the device according to the invention for checking an access authorization a system includes a first one in detail Storage unit in which an access authorization code is stored and is inaccessible to users, one second storage unit in which a modified code, the differs from the access authorization code, and biological characteristics are stored, an input unit for entering and recording biological characteristics of a User, a first comparator unit with the input unit and the second storage unit is connected to Compare the biological characteristics recorded with the stored biological characteristics and to output a Access authorization signal, if that by means of the input unit recorded biological characteristics with those in the second Biological characteristics stored storage unit match, and a computing unit that is connected to the first comparator unit, the second storage unit and a second Storage unit is connected to calculate a code dependent on the modified code using a calculation rule from the receipt of the access authorization signal from the first comparator unit and for transferring the calculated Codes to the second comparator unit, the second comparator unit is connected to the first storage unit and the calculated and transmitted by the computing unit Code with that stored in the first storage unit Access authorization code compares and if there is a
  • a biometric Identification made possible in connection with a system becomes, the conventional, in an inaccessible to users Part of the system stored access authorization codes used.
  • the invention can thus be particularly simple existing systems can be applied without Change standards.
  • the code by means of Calculation rule depending on the modified code and calculated at least part of the biological characteristics.
  • the system is a cell phone with a SIM card
  • the access authorization code advantageously stored in encrypted form on the SIM card is and the biological characteristics to be tested as well the modified code in a read-only memory of the mobile phone are saved.
  • Advantage of this training for Mobile phones is that the mobile phone continues to use the GSM standard is sufficient because the access authorization code, d. H. the PIN number, not in a memory of the mobile phone itself is saved, but only in the SIM card.
  • the read-only memory of the mobile phone contains only the modified one Code that cannot be used by an unauthorized third party is.
  • the system comprises a computer and an external unit that has a Interface communicate with each other, the access authorization of a user accessing the computer to the external unit is checked.
  • the access authorization code is stored in the external unit be that is not accessible to the user.
  • the first memory is the memory of a bank.
  • the second memory which contains the biological characteristics to be tested and contains the modified code, the read-only memory of the computer itself. In this case, too Conventional verification of access authorization using PIN codes not be changed, although the authentication of the User done about biological characteristics.
  • the biological characteristics can be from the fingerprint or can be obtained from the iris of a user's eye.
  • a first part 8 is inaccessible or very difficult for a user accessible.
  • this part can be the SIM card a cell phone or the central computer of a bank.
  • the second part 7 of the device is for a user more accessible.
  • this part is a Mobile phone or a computer connected to the Internet communicates with external services.
  • the second part 7 has an input unit 1, via which biological characteristics can be recorded and implemented, that they can be compared to stored characteristics.
  • the input unit 1 is a fingerprint detector or a detector for the iris of an eye.
  • part 7 has a storage unit 2 in which biological initialization of the device Features that are detected by the input unit 1 as Data are stored. Furthermore, during initialization the device a modified code in the Storage unit 2 or in a separate from this Storage unit 2 provided storage unit.
  • a comparator unit 3 is both with the input unit 1 as well as connected to the storage unit 2. From the input unit 1, the recorded biological characteristics to the Transfer comparator unit 3 and there with the stored Features that the comparator unit 3 of the Storage unit 2 receives compared. If this comparison turns out positive, d. H. if the biological characteristics recorded match with the stored characteristics the storage unit 3 sends a signal to a computing unit 4th
  • the devices 1 to 4 thus replace the devices according to the invention Device for the direct input of, for example, a PIN code via an input unit. For this reason, the subsequent devices of the device, d. H. in particular the devices in the inaccessible to users Part 8 of the device are provided compared to conventional devices remain unchanged. This means, that a standard set for this part 8 is not needs to be changed.
  • the computing unit 4 transmits the code calculated by it to a second comparator unit 5.
  • this Access authorization code will be the PIN number that is in the SIM card is saved.
  • the comparator unit 5 gives over the line 9 an access authorization signal.
  • this access authorization signal is the system that the invention Device contains, communicated that the user who is biometric has been recorded via the input unit is.
  • step 10 the access authorization code is shown in one that is inaccessible or difficult to access for users Part of the system saved. Furthermore, in another Part of the system that is more accessible to users, a modified code in step 11 and biological code in step 12 Features saved. Steps 10 through 12 will be executed during initialization.
  • step 13 biological characteristics of the user recorded.
  • step 14 the detected biological characteristics with the in biological characteristics stored in step 12 compared. If the comparison is negative, i. H. that found will that the recorded biological characteristics with the stored characteristics do not match, the process returns back to step 13, and an access authorization will not be granted.
  • step 14 If the comparison in step 14 is positive, i. H. if the recorded biological characteristics with those in advance stored biological characteristics will match the modified code stored in step 11 by means of calculated a code based on a calculation rule. Preferably the code depending on the stored modified Code and a user's biological characteristics calculated. This calculated code is then on in step 16 transfer the part of the system that is inaccessible to users. There, this calculated code is then converted to conventional in step 17 Wisely checked and then in step 18 the access authorization granted.

Landscapes

  • Engineering & Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
  • Collating Specific Patterns (AREA)
  • Mobile Radio Communication Systems (AREA)
EP99969520A 1998-09-22 1999-09-06 Verfahren und vorrichtung zum prüfen der zugangsberechtigung zu einem system Expired - Lifetime EP1116191B1 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE19843440 1998-09-22
DE19843440 1998-09-22
PCT/DE1999/002828 WO2000017823A1 (de) 1998-09-22 1999-09-06 Verfahren und vorrichtung zum prüfen der zugangsberechtigung zu einem system

Publications (2)

Publication Number Publication Date
EP1116191A1 EP1116191A1 (de) 2001-07-18
EP1116191B1 true EP1116191B1 (de) 2002-08-14

Family

ID=7881843

Family Applications (1)

Application Number Title Priority Date Filing Date
EP99969520A Expired - Lifetime EP1116191B1 (de) 1998-09-22 1999-09-06 Verfahren und vorrichtung zum prüfen der zugangsberechtigung zu einem system

Country Status (5)

Country Link
US (1) US20010047479A1 (zh)
EP (1) EP1116191B1 (zh)
CN (1) CN1319217A (zh)
DE (1) DE59902367D1 (zh)
WO (1) WO2000017823A1 (zh)

Families Citing this family (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7751600B2 (en) * 2000-04-18 2010-07-06 Semiconductor Energy Laboratory Co., Ltd. System and method for identifying an individual
US7836491B2 (en) 2000-04-26 2010-11-16 Semiconductor Energy Laboratory Co., Ltd. System for identifying an individual, a method for identifying an individual or a business method
KR100771258B1 (ko) 2000-05-09 2007-10-29 가부시키가이샤 한도오따이 에네루기 켄큐쇼 본인 인증 시스템과 본인 인증 방법 및 휴대 전화 장치
US20020049714A1 (en) * 2000-05-11 2002-04-25 Shunpei Yamazaki Communication system
AU2001273249A1 (en) * 2000-07-07 2002-01-21 Mink And Associates Inc. Method and system for using biometric sample to electronically access accounts and authorize transactions
US20030191703A1 (en) * 2002-02-01 2003-10-09 Ubs Painewebber Inc. Method and system for providing interested party access to aggregated accounts information
CZ2005209A3 (cs) * 2002-09-10 2005-12-14 Ivi Smart Technologies, Inc. Bezpečné biometrické ověření identity
US8090157B2 (en) 2005-01-26 2012-01-03 Honeywell International Inc. Approaches and apparatus for eye detection in a digital image
US7761453B2 (en) 2005-01-26 2010-07-20 Honeywell International Inc. Method and system for indexing and searching an iris image database
US8442276B2 (en) 2006-03-03 2013-05-14 Honeywell International Inc. Invariant radial iris segmentation
US8705808B2 (en) 2003-09-05 2014-04-22 Honeywell International Inc. Combined face and iris recognition system
US8098901B2 (en) 2005-01-26 2012-01-17 Honeywell International Inc. Standoff iris recognition system
US7593550B2 (en) 2005-01-26 2009-09-22 Honeywell International Inc. Distance iris recognition
US8064647B2 (en) 2006-03-03 2011-11-22 Honeywell International Inc. System for iris detection tracking and recognition at a distance
US8918900B2 (en) * 2004-04-26 2014-12-23 Ivi Holdings Ltd. Smart card for passport, electronic passport, and method, system, and apparatus for authenticating person holding smart card or electronic passport
CN100428108C (zh) * 2005-09-30 2008-10-22 联想(北京)有限公司 一种数据加密存储的方法
JP2009529197A (ja) 2006-03-03 2009-08-13 ハネウェル・インターナショナル・インコーポレーテッド モジュールバイオメトリクス収集システムアーキテクチャ
KR101299074B1 (ko) 2006-03-03 2013-08-30 허니웰 인터내셔널 인코포레이티드 홍채 인코딩 시스템
JP4738488B2 (ja) 2006-03-03 2011-08-03 ハネウェル・インターナショナル・インコーポレーテッド 画像品質メトリックを有する虹彩認識システム
WO2007101275A1 (en) 2006-03-03 2007-09-07 Honeywell International, Inc. Camera with auto-focus capability
WO2007101276A1 (en) 2006-03-03 2007-09-07 Honeywell International, Inc. Single lens splitter camera
US20100131414A1 (en) * 2007-03-14 2010-05-27 Gavin Randall Tame Personal identification device for secure transactions
US8063889B2 (en) 2007-04-25 2011-11-22 Honeywell International Inc. Biometric data collection system
US8436907B2 (en) 2008-05-09 2013-05-07 Honeywell International Inc. Heterogeneous video capturing system
US8213782B2 (en) 2008-08-07 2012-07-03 Honeywell International Inc. Predictive autofocusing system
US8090246B2 (en) 2008-08-08 2012-01-03 Honeywell International Inc. Image acquisition system
US8280119B2 (en) 2008-12-05 2012-10-02 Honeywell International Inc. Iris recognition system using quality metrics
US8406428B2 (en) * 2008-12-11 2013-03-26 International Business Machines Corporation Secure method and apparatus to verify personal identity over a network
US8043459B2 (en) * 2009-02-24 2011-10-25 GM Global Technology Operations LLC Reversible dry adhesives for wet and dry conditions
US8472681B2 (en) 2009-06-15 2013-06-25 Honeywell International Inc. Iris and ocular recognition system using trace transforms
US8630464B2 (en) 2009-06-15 2014-01-14 Honeywell International Inc. Adaptive iris matching using database indexing
US8742887B2 (en) 2010-09-03 2014-06-03 Honeywell International Inc. Biometric visitor check system
US8744974B2 (en) 2011-03-12 2014-06-03 Mocapay, Inc. Systems and methods for secure wireless payment transactions when a wireless network is unavailable
WO2013045506A1 (en) 2011-09-27 2013-04-04 Novo Nordisk A/S Medical system configured to collect and transfer data

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0444396B2 (de) * 1990-01-30 2000-11-02 AMPHENOL-TUCHEL ELECTRONICS GmbH Kontaktiereinrichtung für ein SI-Modul
US5712912A (en) * 1995-07-28 1998-01-27 Mytec Technologies Inc. Method and apparatus for securely handling a personal identification number or cryptographic key using biometric techniques
US5613012A (en) * 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
CA2156236C (en) * 1995-08-16 1999-07-20 Stephen J. Borza Biometrically secured control system for preventing the unauthorized use of a vehicle
WO1998011750A2 (en) * 1996-09-11 1998-03-19 Yang Li Method of using fingerprints to authenticate wireless communications
US6219793B1 (en) * 1996-09-11 2001-04-17 Hush, Inc. Method of using fingerprints to authenticate wireless communications
US6148094A (en) * 1996-09-30 2000-11-14 David J. Kinsella Pointing device with biometric sensor
EP0863491A1 (en) * 1997-03-03 1998-09-09 BRITISH TELECOMMUNICATIONS public limited company Security check provision

Also Published As

Publication number Publication date
US20010047479A1 (en) 2001-11-29
EP1116191A1 (de) 2001-07-18
WO2000017823A1 (de) 2000-03-30
DE59902367D1 (de) 2002-09-19
CN1319217A (zh) 2001-10-24

Similar Documents

Publication Publication Date Title
EP1116191B1 (de) Verfahren und vorrichtung zum prüfen der zugangsberechtigung zu einem system
EP1121668B1 (de) Vorrichtung und verfahren zur biometrischen identifikation einer person
EP0950229B1 (de) Verfahren, system und vorrichtungen zur bestimmung der authentizität von personen
DE19722424C5 (de) Verfahren zum Sichern eines Zugreifens auf ein fernab gelegenes System
DE69727519T2 (de) Datennetzwerk mit Stimmkontrollmitteln
DE102007033812B4 (de) Verfahren und Anordnung zur Authentifizierung eines Nutzers von Einrichtungen, eines Dienstes, einer Datenbasis oder eines Datennetzes
DE69839274T2 (de) System und verfahren zum absichern von sprachtransaktionen
EP1188151B1 (de) Einrichtungen und verfahren zur biometrischen authentisierung
DE19903822A1 (de) Verfahren zur Durchführung bargeldloser Zahlungen und System zur Durchführung des Verfahrens
WO2001062016A2 (de) Verfahren zum feststellen der authentizität eines dienste-nutzers und vorrichtung zum durchführen des verfahrens
EP1424659A1 (de) Elektronisches Gerät und Verfahren zur Authentifikation eines Benutzers dieses Gerätes
EP1749395B1 (de) Verfahren zum autorisieren einer fernmündlichen transaktion und vermittlungsknoten
DE102017001879A1 (de) Verfahren zur Verifizierung der Identität eines Nutzers
WO1999045690A1 (de) Verfahren und vorrichtung zum universellen und gesicherten zugang zu telefonnetzen
DE60023978T2 (de) Verfahren und System in einem Fernsprechvermittlungssystem
DE102005003208B4 (de) Authentisierung eines Benutzers
EP1887503A1 (de) Verfahren und System zur Durchführung eines Zahlungsvorgangs mit einem Zahlungsmittel
EP0886246B1 (de) Verfahren zum Betreiben einer Anlage zur Nutzung einer Chipkarte mit Multifunktionschip und mit Voice-Print
EP1081911B1 (de) Verfahren und Vorrichtung zur Authentifikation für eine Vielzahl von Diensten
WO2020126675A1 (de) Abwicklungssystem
DE102013100227B4 (de) Biometrische Online-Altersverifizierung
EP1935202A1 (de) Entsperren von mobilfunkkarten
DE102004049878B4 (de) System und Verfahren zur Überprüfung einer Zugangsberechtigung
DE102013012409A1 (de) Identifikationsverfahren
DE102019212658A1 (de) Zugangskontrolle zu in einer Speichervorrichtung gespeicherten Daten

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20010104

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

GRAG Despatch of communication of intention to grant

Free format text: ORIGINAL CODE: EPIDOS AGRA

GRAG Despatch of communication of intention to grant

Free format text: ORIGINAL CODE: EPIDOS AGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

17Q First examination report despatched

Effective date: 20020204

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): DE FR GB

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

Free format text: NOT ENGLISH

REF Corresponds to:

Ref document number: 59902367

Country of ref document: DE

Date of ref document: 20020919

GBT Gb: translation of ep patent filed (gb section 77(6)(a)/1977)

Effective date: 20021028

ET Fr: translation filed
PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

26N No opposition filed

Effective date: 20030515

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 18

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 19

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 20

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20180924

Year of fee payment: 20

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20180911

Year of fee payment: 20

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: DE

Payment date: 20181119

Year of fee payment: 20

REG Reference to a national code

Ref country code: DE

Ref legal event code: R071

Ref document number: 59902367

Country of ref document: DE

REG Reference to a national code

Ref country code: GB

Ref legal event code: PE20

Expiry date: 20190905

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GB

Free format text: LAPSE BECAUSE OF EXPIRATION OF PROTECTION

Effective date: 20190905