EP2300955A1 - Method and apparatus for improving biometric identification systems - Google Patents
- Publication number
- EP2300955A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- person
- task
- biometric data
- recognition
- determining
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/40—User authentication by quorum, i.e. whereby two or more security principals are required
Definitions
- The present invention relates to a method and a device for identifying a person, in which biometric data of the person to be identified are captured, and in which the person to be identified must carry out a recognition action from which the biometric data used for identification are determined.
- Biometric methods are increasingly used to identify people, for example when accessing security areas or when logging into a data processing system such as a personal computer PC.
- The reason for this is that the widespread password as a means of identification and access control has a variety of security vulnerabilities and is also inconvenient for the user: he is supposed to change the password very often for security reasons, but then has trouble remembering it. As a result, users either fall back on unchanging, insecure passwords or have difficulty gaining access.
- Biometric identification systems have the advantage of being much more secure, because access to the biometric data, i.e. the ability to copy them, is much more difficult than with a password, which is easy to misuse if it is not kept sufficiently secret.
- Biometric identification systems are also more convenient for users, since they automatically carry their biometric properties with them without any effort and do not have to remember a password.
- A corresponding method or device should also remain simple to set up and to use, so that the advantages of the biometric method with regard to a high level of convenience for the user are maintained.
- The present invention is based on the recognition that the use of a previously used record or signal set for unauthorized access or for a false identification of a person (replay attack) can already be avoided effectively if the biometric method is based on at least two, preferably multiple, recognition actions, so that one of the two or more recognition actions can be selected, in particular at random, for the respective access control.
- A recognition action for a biometric method may be the capture of a human body part, such as a fingerprint or an eye. Since a human usually has two eyes, either the left or the right eye can be used for recognition via the eye. For fingerprint recognition, the ten different fingers can be used. Since human body parts are usually not 100% identical, it can also be determined which body part is actually used.
- If the identification system is designed such that the recognition action is specified by the system and is selected from a plurality of, that is to say at least two, recognition actions, there is a certain probability that, in an attempt to circumvent identification with stored data, an incorrect recognition action that was previously recorded without permission is used, so that the deception attempt can be detected.
- a real, living person life recognition
- Such a security function could only be overcome if all possible recognition actions were available as a record for the deception maneuver.
- A corresponding security function can also be used very well, for example, in the biometric method of typing recognition, in which the person to be identified is recognized by analyzing typing behavior when operating a keyboard, a keypad or the like.
- The inventive system for identifying a person can specify a specific text or a specific sequence of keys to be typed on a keyboard, so that the system can already see, by simply comparing whether the correct keys or the correct key sequence have been pressed, whether actual recognition actions have been performed for the current access, or whether an attempt has been made to gain unauthorized access or to pretend a false identity using previously recorded recognition actions.
- A corresponding biometric identification system can also be improved by having the identification system set an additional task to be solved by the person to be identified, the task being designed so that it is matched to human capabilities, i.e. so that it can be solved much faster by a human than by a machine or a computing device, or can actually only be solved by a human.
- Additional tasks may include recognizing structures in an image and reproducing the recognized structure and/or answering a question about the structure to be recognized.
- the system may display an image comprising a structure of a sequence of numbers and / or letters, wherein the numbers and / or letters may be arranged in arbitrary orientations.
- a display device such as a monitor
- For the additional task, it may be required that its solution be at least started or completed within a specific time limit, the time limit being oriented to an average person. If this time limit is exceeded, the system detects this and aborts the identification with a negative result, because the user cannot be a human; instead there is the possibility of an attempt at unauthorized identification based on automated recognition.
- The additional security features can be integrated into the actual recognition by keystroke input.
- The selection of a specific text to be entered can already be associated with the display of an image in which the text is easily recognizable only for a human, so that the additional task of recognizing a structure is already integrated.
- The time component, i.e. the check whether the time until the user starts typing the string, or the time until the user has finished typing the correct string, lies within a predetermined period, can likewise be integrated, so that all the additional security features of the present invention, namely specification of a specific recognition action from a plurality of recognition actions (input of a particular text or typing sequence), solving an additional task (reading the text or typing sequence to be typed from a non-machine-readable image) and time control, can be realized in a simple manner in the biometric method of typing recognition.
- Figure 1 is a view of a data processing system with which the inventive method can be performed and which is configured as a corresponding device according to the invention.
- Figure 2 is an illustration of a structure in an image that may be used in the present invention.
- Figure 3 is an illustration of another structure in an image for use with the present invention.
- Biometric methods can be used which are based on the recognition of a body part, for example the eyes or the fingerprints, or in which biometric data can be captured by means of an input into a device by the person to be identified.
- This may be, for example, voice recognition in which the user has to speak a specific or arbitrary sentence, so that frequencies, frequency sequences and the like can be determined from the detected sounds in order to determine the identity of the user.
- Another possibility is to capture the typing behavior of the user when operating a keyboard. This can be done, for example, by the user entering any desired text or code or the like on a keyboard.
- A keyboard is to be understood very broadly here: it can be a common keyboard of a personal computer PC, a reduced numeric keypad for access control, or a keypad for entering a key sequence in the manner of Morse code.
- the keys of a corresponding keyboard can also be configured in a variety of ways. These may be conventional push-button computer keyboard keys, touch-sensitive keypads of a surface such as a screen, or the like.
- FIG. 1 shows a normal personal computer PC 1 with a screen 2 as an output device and a conventional keyboard 3 as an input device.
- Such a personal computer system may be configured as an identification device according to the present invention, so that a method for identifying a person according to the present invention runs on it.
- The biometric method is based on typing recognition, as already described in various documents.
- The present invention is not limited to biometric data acquisition by means of typing recognition, nor to the embodiment of typing recognition described in the above-cited PCT application.
- the identification of a user of the PC 1 can be done, for example, in such a way that the user is prompted when starting the system to enter a specific or arbitrary text via the keyboard 3.
- a data processing program for identifying the user is stored, which runs accordingly and controls the identification process.
- The data processing program forms a detection device which captures values and/or electrical signals triggered by the actuation of the keyboard 3, from sensors and the keyboard 3, and evaluates them such that information about the typing behavior of a user is generated. In a corresponding evaluation unit, which is also realized for the most part by the data processing program, this information is compared with stored biometric data of a person to be identified, so that the identity of the user can be determined if there is a corresponding match.
- The correspondingly software-equipped PC 1 further realizes a module for determining the authenticity of the biometric data according to the present invention, in order to rule out the use of fake biometric data which were captured and stored during a previous identification, e.g. by spyware or the like, and are now used automatically in stored form to gain access to the PC system.
- The module for determining the authenticity of the biometric data is provided with a task generator which generates an additional task that must be solved by the person to be identified, i.e. the user who would like to have access to the PC system 1, preferably within a time frame that is usual for a human.
- This task is designed in such a way that a machine or an automated system can not solve such a task at all or only with a considerably higher expenditure of time.
- CAPTCHA Computer Automated Public Turing Test to keep Computers and Humans apart (full automatic public Turing test to distinguish computers and humans)
- Such tests include, for example, the recognition of a letter and / or number sequence, wherein the letters and / or numbers are arranged in any orientation, in particular against a background that makes the automatic pattern recognition for a machine or a computer extremely difficult.
- structures such as simple objects can be displayed in a manner that also makes it difficult for an automatic recognition system to recognize the corresponding object.
- This can be done, for example, in that the object consists of a plurality of same-colored or differently colored areas and the background is also composed of similarly shaped or similarly colored areas, so that the object is very quickly recognizable to a trained human eye, while an automatic recognition system must perform lengthy pattern matching, if pattern recognition is possible at all.
- Examples of this are shown in FIGS. 2 and 3. In FIG. 2, an image with the letter-number sequence AB 12 is shown against a background with further lines and the like, with the letters and numbers in different orientations.
- the letter-number sequence of the image 4 can be displayed on the monitor 2, the user then having to enter the corresponding letter or digit sequence in an input mask 5 via the keyboard 3.
- FIG. 3 shows a further variant of such a task matched to human capabilities, in which a simple structure, such as the table 6, has to be recognized against a background with a large number of similar surfaces 7.
- The time component can be designed such that a correct input, that is to say the solution of the additional task, must take place within a specific time frame. Additionally or alternatively, it can be designed so that the input, e.g. of the password, must at least be started within that time.
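The three checks described above (a recognition action chosen by the system from several, comparison of the typed keys against it, and the start/finish time limits) are sketched below in Python as an added example that is not part of the patent text. The challenge pool, the time limits, the mean-gap score and all function names are assumptions, and the timestamps are assumed to be recorded by the verifier itself rather than supplied by the client.

```python
import secrets
import time
from dataclasses import dataclass

# Constructed pool of recognition actions (texts to type); the description
# only requires at least two, from which the system selects at random.
CHALLENGE_POOL = ["AB12", "blue table 47", "north gate 9", "QX7 lamp"]
START_LIMIT_S = 5.0    # assumed: typing must begin within this window
FINISH_LIMIT_S = 20.0  # assumed: typing must be complete within this window


@dataclass
class Challenge:
    text: str
    issued_at: float


def issue_challenge(now=None):
    """Pick one recognition action at random; the system chooses, not the user."""
    now = time.monotonic() if now is None else now
    return Challenge(secrets.choice(CHALLENGE_POOL), now)


def check_authenticity(challenge, events):
    """events: list of (key, press_time) on the same clock as issued_at.

    Returns (ok, reason). Runs before any biometric comparison.
    """
    if not events:
        return False, "no input"
    typed = "".join(key for key, _ in events)
    if typed != challenge.text:
        # A recording of an earlier session carries that session's text.
        return False, "wrong recognition action (possible replay)"
    first, last = events[0][1], events[-1][1]
    if first < challenge.issued_at:
        return False, "input predates challenge"
    if first - challenge.issued_at > START_LIMIT_S:
        return False, "started too late"
    if last - challenge.issued_at > FINISH_LIMIT_S:
        return False, "finished too late"
    return True, "ok"


def typing_distance(events, enrolled_mean_gap):
    """Stand-in biometric score: mean inter-key gap vs. the enrolled value."""
    gaps = [b[1] - a[1] for a, b in zip(events, events[1:])]
    return abs(sum(gaps) / len(gaps) - enrolled_mean_gap)


def identify(challenge, events, enrolled_mean_gap, tolerance=0.05):
    """Authenticity checks first, then the (stand-in) typing comparison."""
    ok, reason = check_authenticity(challenge, events)
    if not ok:
        return False, reason
    if len(events) < 2 or typing_distance(events, enrolled_mean_gap) > tolerance:
        return False, "typing behavior mismatch"
    return True, "identified"


def make_events(text, start, gap):
    """Constructed sample input: evenly spaced key presses."""
    return [(ch, start + i * gap) for i, ch in enumerate(text)]
```

A recording with perfectly matching typing rhythm is still rejected when it carries the text of a different challenge, which is the replay case the description targets.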
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE200810040258 DE102008040258A1 (en) | 2008-07-08 | 2008-07-08 | Method and device for improving biometric identification systems |
PCT/EP2009/058210 WO2010003849A1 (en) | 2008-07-08 | 2009-06-30 | Method and apparatus for improving biometric identification systems |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2300955A1 (en) | 2011-03-30 |
Family
ID=41165610
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP09780040A Withdrawn EP2300955A1 (en) | 2008-07-08 | 2009-06-30 | Method and apparatus for improving biometric identification systems |
Country Status (6)
Country | Link |
---|---|
EP (1) | EP2300955A1 (en) |
JP (1) | JP2011527475A (en) |
CN (1) | CN102089766A (en) |
DE (1) | DE102008040258A1 (en) |
EA (1) | EA201071382A1 (en) |
WO (1) | WO2010003849A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110351326A (en) * | 2018-04-03 | 2019-10-18 | 松下电器(美国)知识产权公司 | Information processing method, information processing unit and information processing system |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9104854B2 (en) * | 2011-08-17 | 2015-08-11 | Qualcomm Incorporated | Method and apparatus using a CAPTCHA having visual information related to the CAPTCHA's source |
DE102011120779B4 (en) | 2011-12-09 | 2022-02-17 | Volkswagen Aktiengesellschaft | Method, control means and system for manually switching on a high-voltage voltage for a vehicle |
JP6369543B2 (en) * | 2014-06-19 | 2018-08-08 | 日本電気株式会社 | Authentication device, authentication system, authentication method, and computer program |
WO2016125579A1 (en) * | 2015-02-04 | 2016-08-11 | 住友化学株式会社 | Method for manufacturing niobic-acid-based ferroelectric thin-film element |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE19631484C1 (en) | 1996-08-03 | 1998-03-05 | Dieter Bartmann | Method for verifying the identity of a user of a data processing system to be operated with a keyboard for generating alphanumeric characters |
WO1999042992A1 (en) * | 1998-02-24 | 1999-08-26 | Holoubek Michael J | Randomly generated voice recognition method and apparatus |
DE10051461A1 (en) * | 2000-10-17 | 2002-04-25 | Siemens Ag | Method and system for identifying a user |
US7149899B2 (en) * | 2002-04-25 | 2006-12-12 | Intertrust Technologies Corp. | Establishing a secure channel with a human user |
US20090153292A1 (en) * | 2005-11-23 | 2009-06-18 | Daniel Farb | Business and software security and storage methods, devices and applications |
US8145914B2 (en) * | 2005-12-15 | 2012-03-27 | Microsoft Corporation | Client-side CAPTCHA ceremony for user verification |
US7864987B2 (en) * | 2006-04-18 | 2011-01-04 | Infosys Technologies Ltd. | Methods and systems for secured access to devices and systems |
US7552467B2 (en) * | 2006-04-24 | 2009-06-23 | Jeffrey Dean Lindsay | Security systems for protecting an asset |
EP2020114A4 (en) * | 2006-05-24 | 2014-01-22 | Vidoop L L C | Graphical image authentication and security system |
-
2008
- 2008-07-08 DE DE200810040258 patent/DE102008040258A1/en not_active Withdrawn
-
2009
- 2009-06-30 WO PCT/EP2009/058210 patent/WO2010003849A1/en active Application Filing
- 2009-06-30 EP EP09780040A patent/EP2300955A1/en not_active Withdrawn
- 2009-06-30 EA EA201071382A patent/EA201071382A1/en unknown
- 2009-06-30 JP JP2011517089A patent/JP2011527475A/en not_active Withdrawn
- 2009-06-30 CN CN2009801265581A patent/CN102089766A/en active Pending
Non-Patent Citations (1)
Title |
---|
See references of WO2010003849A1 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110351326A (en) * | 2018-04-03 | 2019-10-18 | 松下电器(美国)知识产权公司 | Information processing method, information processing unit and information processing system |
CN110351326B (en) * | 2018-04-03 | 2023-06-30 | 松下电器(美国)知识产权公司 | Information processing method, information processing apparatus, and information processing system |
Also Published As
Publication number | Publication date |
---|---|
DE102008040258A1 (en) | 2010-01-14 |
EA201071382A1 (en) | 2011-08-30 |
WO2010003849A1 (en) | 2010-01-14 |
JP2011527475A (en) | 2011-10-27 |
CN102089766A (en) | 2011-06-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE10249801B3 (en) | Method of performing a secure electronic transaction using a portable data carrier | |
Leggett et al. | Dynamic identity verification via keystroke characteristics | |
DE60220284T2 (en) | FINGERPRINT MARK DETECTION METHOD AND DEVICE | |
AT507759A1 (en) | REQUEST-BASED PERSON IDENTIFICATION PROCEDURE | |
WO2008090188A2 (en) | Method and arrangement for the creation of a signed text and/or image document | |
EP1199623A2 (en) | Method and system for user identification | |
EP0917678A2 (en) | Method for verifying the identity of a user of a data processing unit with a keyboard designed to produce alphanumeric characters | |
EP2300955A1 (en) | Method and apparatus for improving biometric identification systems | |
EP3963485B1 (en) | User authentication | |
WO2018015481A1 (en) | Authentication method for authenticating a user of a terminal | |
WO2019072341A1 (en) | Methods and system for controlling the access to an authentication-dependent function | |
DE10203926A1 (en) | Data carrier e.g. smart card with personal data security, has storage element for encoded person-specific data based on biometric characteristics | |
DE19904440C2 (en) | Procedure for verifying a person's identity | |
DE102016107250A1 (en) | Method, device and computer program for multi-factor authentication and / or identification of users | |
WO2011039371A1 (en) | Crosswise alignment of typing behaviour for authenticating and/or identifying a person | |
WO2018011437A1 (en) | Automated authentication and identification of a user of a data processing system by means of dynamic keystroke biometric recognition features | |
DE102009014919A1 (en) | Method for authenticating user to system e.g. automated teller machine, involves comparing compressed recording value with stored recording value so that access to secured function is denied based on correlation of values | |
DE102008030088A1 (en) | Method for fraud-safe authentication of individual for access to assigned user account, involves storing information of test sample in suspicious database, when similarity measure falls below predetermined threshold value | |
DE102021205118A1 (en) | Computer-implemented method and computing device for generating at least one cryptographic key | |
EP3901925A1 (en) | Method for checking access credentials | |
WO2000048133A1 (en) | Arrangement for determining and evaluating data or signals and method for verifying the identity or authorisation of a person | |
DE102020007075A1 (en) | Method for authenticating a person in a vehicle | |
WO2011054718A1 (en) | Method and apparatus for avoiding manipulations in authentication and/or identification systems by means of typing behaviour | |
EP3905079A1 (en) | Method and arrangement for detecting misuse of a computer with a touch-sensitive screen | |
DE102019208565A1 (en) | Process for authenticating a user |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20110208 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL BA RS |
|
19U | Interruption of proceedings before grant |
Effective date: 20110315 |
|
19W | Proceedings resumed before grant after interruption of proceedings |
Effective date: 20110901 |
|
19U | Interruption of proceedings before grant |
Effective date: 20110601 |
|
19W | Proceedings resumed before grant after interruption of proceedings |
Effective date: 20120402 |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: WOELFL, THOMAS |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: PSYLOCK GMBH |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: WOELFL, THOMAS |
|
17Q | First examination report despatched |
Effective date: 20121004 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20130103 |