JP2023531198A - Aerosol generator user authentication - Google Patents

Abstract

An aerosol generator user authentication unit (200) is provided. The user authentication unit comprises a controller (202) and one or more user authentication input means (204) configured to detect multiple types of user input. a controller detects a first user input and a second user input at one or more user authentication input means (S402), determines a first authentication score for the first user input (S404-1); determining a second authentication score for the second user input (S404-2); determining an overall authentication score based on a combination of the first authentication score and the second authentication score (S406); It is configured to control the user authentication unit to perform the first operation (S408) when it is determined that the predetermined requirement is satisfied.

Description

This application relates to aerosol generating devices or electronic cigarettes, and more particularly to user authentication for aerosol generating devices.

Aerosol-generating devices, such as electronic cigarettes and other aerosol inhalers or vaporizers, are increasingly popular consumer products.

Heating devices for vaporization or aerosolization are known in the art. Such devices typically include a heater arranged to heat the vaporizable or aerosolizable product. In operation, the vaporizable or aerosolizable product is heated by the heater to vaporize or aerosolize the components of the product for inhalation by the consumer. In some examples, the product may comprise tobacco leaves and may resemble a conventional cigarette, and in other examples the product may be a liquid or liquid content within a capsule.

A need exists for robust and efficient user authentication in such devices. It is therefore an object of the present invention to address such issues.

According to a first aspect, there is provided an aerosol generator user authentication unit, the user authentication unit comprising a controller and one or more user authentication input means configured to detect multiple types of user input, the controller comprising:
detecting a first user input of a first type and a second user input of a second type at one or more user authentication input means;
determining, for the first user input, a first authentication score based on a comparison of the first user input and corresponding first predetermined authentication data;
determining, for the second user input, a second authentication score based on a comparison of the second user input and corresponding second predetermined authentication data;
determining an overall certification score based on a combination of the first certification score and the second certification score;
It is configured to control the user authentication unit to perform the first operation when it is determined that the overall authentication score satisfies a predetermined requirement.

The aerosol generator can be locked to prevent accidental or unauthorized use. Unlocking can be achieved by biometric-based input tests or knowledge-based input tests such as passwords. These input tests are binary-based systems in that they either pass and unlock the device or fail and do not unlock the device. If the input is incorrect, the device will be locked until the test is fully passed. It is important for users of aerosol generating devices to be able to unlock the device in an efficient manner. Failure of an authorized user to unlock a device results in a negative user experience.

A first aspect provides an improved user experience by using more than one type of user input in the authentication process. Authentication scores are determined for each type of user input, which are combined to determine an overall authentication score. If this overall authentication score satisfies a predetermined requirement, a first action is performed. A less than perfect authentication score from the first user input can be offset with the authentication score of the second user input. For example, detection of only a slightly mistyped password or a partial fingerprint can unlock the device if a second user input increases the overall authentication score and meets predetermined requirements. In this way, authentication is not a binary pass/fail based on a single user input, and the operator can unlock the device while entering imperfect user input. This improves the user experience as it allows authorized users to efficiently unlock the aerosol generating device. Furthermore, this ensures that the device has an appropriate level of security in user authentication, while allowing the incorporation of noisier but cheaper to implement user input means.

Optionally, the first authentication score is based on how closely the first user input and the first predetermined authentication data match, and the second authentication score is based on how closely the second user input and the second predetermined authentication data match.

Optionally, the first type of input and the second type of input are different types of input.

Optionally, if it is determined that the overall authentication score represents an authorized user who has provided the user input, then the overall authentication score is determined to meet a predetermined requirement.

Optionally, if the overall authentication score is greater than or equal to the threshold authentication score, it is determined that the overall authentication score indicates an authorized user who provided the user input.

Optionally, the controller is configured to detect the first user input and the second user input simultaneously.

In this manner, lower security level user input types can be simultaneously detected and combined to provide an overall higher security level without substantially increasing the time required for the authentication process.

Optionally, the controller is configured to detect the first user input within a predetermined time period defined by the first type of input and to detect the second user input within a predetermined time period defined by the first type of input.

In this way, detection of both user inputs can be completed in the same period of time.

Optionally, the controller
detecting a first user input;
determining a first authentication score for the first user input;
if it is determined that the first authentication score meets a preliminary predetermined requirement, controlling the user authentication unit to perform a first action;
detecting a second user input if it is determined that the first authentication score does not meet a preliminary predetermined requirement;
determining a second authentication score for the second user input;
It is configured to determine an overall certification score based on a combination of the first certification score and the second certification score.

In this way, if the first user input meets the preliminary predetermined requirements, the second user input will not be detected. This improves processing time and reduces power consumption.

Optionally, the controller
detecting a first user input;
determining a first authentication score for the first user input;
if it is determined that the first authentication score meets a preliminary predetermined requirement, controlling the user authentication unit to perform a first action;
detecting the second user input and the third user input of the third type in the user input detection period if it is determined that the first authentication score of the first user input does not meet the preliminary predetermined requirement;
determining a second authentication score for the second user input and a third authentication score for the third user input based on a comparison of the third user input to corresponding third predetermined authentication data;
An overall certification score is determined based on a combination of the first certification score, the second certification score, and the third certification score.

In this manner, flexibility can be provided in the order and combination of detection of user inputs in the authentication process. This allows the process to be tailored to, for example, limit power consumption or minimize processing time.

Optionally, the controller
detecting a first user input in a first time period;
detecting a second user input in a second time period overlapping the first time period;
determining a first authentication score for the first user input, and if it is determined that the first authentication score meets a preliminary predetermined requirement, stop detecting the second user input and control the user authentication unit to perform a first action;
If it is determined that the first authentication score does not meet a preliminary predetermined requirement, then determining a second authentication score for the second user input, and determining an overall authentication score based on a combination of the first authentication score and the second authentication score.

Thus, the authentication score for the fastest user input to be detected (ie, the first user input) is first determined. If this first authentication score meets preliminary predetermined requirements, the detection of the second user input can be terminated, thereby providing a faster authentication process and reducing power consumption. If the authentication score of the first user input does not meet a preliminary predetermined requirement, the detection of the second user input can be completed and a second authentication score can be determined and combined with the first authentication score to obtain an overall authentication score. In this way, the speed of the authentication process can be improved without adversely affecting the likelihood that the authorized operator will successfully fulfill the given requirements.

Optionally, if the first authentication score is determined to indicate an authorized user who provided the first user input, then the first authentication score is determined to meet a preliminary predetermined requirement, and if it is determined that the first authentication score does not indicate an authorized user to provide the first user input, it is determined that the first authentication score does not meet the preliminary predetermined requirement.

Optionally, the first action includes unlocking the aerosol generator.

Optionally, the one or more user authentication input means are
a button sensor module, wherein the type of user input includes the number of button actuations, and/or the time between button actuations, and/or the force of the button actuations;
a fingerprint scanning module, wherein the type of user input includes scanning the user's fingerprint with the fingerprint sensor;
a body impedance measurement module, wherein the type of user input includes measurements of the user's body impedance by a body impedance measurement scanner;
a password module, wherein the type of user input includes an input password received by the password module;
a motion sensor module, wherein the type of user input includes device motion detected by the motion sensor;
a facial recognition module, wherein the type of user input includes facial recognition scanning of the user by a facial recognition scanner.

According to a second aspect there is provided an aerosol generator comprising the aerosol generator user authentication unit of the first aspect.

According to a third aspect, there is provided an aerosol generator user authentication method performed in a user authentication unit of the aerosol generator, the method comprising:
detecting a first user input and a second user input at one or more user authentication input means configured to detect multiple types of user input, wherein the first user input is a first type of input and the second user input is a second type of input;
determining a first authentication score for the first user input, the first authentication score being based on a comparison of the first user input and corresponding first predetermined authentication data;
determining a second authentication score for the second user input, the second authentication score being based on a comparison of the second user input and corresponding second predetermined authentication data;
determining an overall certification score, wherein the overall certification score is based on a combination of the first certification score and the second certification score;
and controlling the user authentication unit to perform a first action if it is determined that the overall authentication score meets the predetermined requirement.

According to a fourth aspect, there is provided a non-transitory computer readable medium storing instructions that, when executed by the one or more processors, cause the one or more processors to control an aerosol generator user authentication unit, the instructions directing the one or more processors to:
detecting a first user input and a second user input at one or more user authentication input means configured to detect multiple types of user input, wherein the first user input is a first type of input and the second user input is a second type of input;
determining a first authentication score for the first user input, the first authentication score being based on a comparison of the first user input and corresponding first predetermined authentication data;
determining a second authentication score for the second user input, the second authentication score being based on a comparison of the second user input and corresponding second predetermined authentication data;
determining an overall certification score, the overall certification score being based on a combination of the first certification score and the second certification score;
and controlling the user authentication unit to perform the first action when it is determined that the overall authentication score satisfies a predetermined requirement.

Embodiments of the invention will now be described by way of example with reference to the drawings.

1 is a schematic diagram of an aerosol generator; FIG. 1 is a schematic diagram of an aerosol generator; FIG. Fig. 3 is a block diagram of an authentication unit; FIG. 4 is a block diagram of an authentication unit with various types of exemplary user input means; FIG. 2 is a flow diagram of an aerosol generator user authentication process; Figure 5 is a flow diagram of an implementation of the aerosol generator user authentication process according to Figure 4; Figure 5 is a flow diagram of another implementation of the aerosol generator user authentication process according to Figure 4; Figure 5 is a flow diagram of another implementation of the aerosol generator user authentication process according to Figure 4; Figure 5 is a flow diagram of another implementation of the aerosol generator user authentication process according to Figure 4;

Figures 1A and 1B schematically illustrate an aerosol generating device 100, also known as a vapor generator or electronic cigarette. It will be appreciated that for the purposes of this disclosure, the terms vapor and aerosol are interchangeable.

In such embodiments, the aerosol-generating device 100 has a body 104 and a connectable mouthpiece portion 102 .

Mouthpiece portion 102 includes liquid reservoir 106 and mouthpiece 108, which form a single entity. That is, the liquid reservoir 106 configured to contain the vaporizable liquid is part of the mouthpiece portion 102 such that the mouthpiece portion 102 including the liquid reservoir 106 is removable and replaceable from the body 104. Mouthpiece portion 102 can be viewed as a liquid reservoir or cartridge 106 having a mouthpiece 108 .

The body 104 includes a battery for powering the aerosol generator 100 and control electronics for controlling the operation of the aerosol generator 100 . Specifically, the atomizer 116 in the mouthpiece portion 102 is powered and controlled by the battery and control electronics within the body 104 . The body 104 may further comprise user-operable buttons for functions such as turning the aerosol generator on and off and engaging the heater of the atomizer to aerosolize or vaporize the vaporizable liquid from the liquid reservoir 106. The control electronics or controller includes one or more processors and memory that stores operating instructions for the aerosol generating device 100 . In one embodiment, the control electronics may be contained within a microcontroller unit.

The mouthpiece portion 102 includes a mouthpiece 108 having an opening or orifice 110 at a first end 112 and an atomizer 116 at a second end 114 (the second end 114 being the opposite end distal to the first end 112). The second end 114 of the mouthpiece portion further comprises an electrical contact 118 configured to engage the body 104 to form an electrical connection between the atomizer 116 and the battery and controller, i.e. a power and control electrical connection for the atomizer 116.

FIG. 1A shows mouthpiece portion 102 separately from body 104 . FIG. 1B shows mouthpiece portion 102 engaging body 104 .

Liquid reservoir 106 is positioned between first end 112 and second end 114 of mouthpiece portion 102, and vapor flow tube 120 extends from atomizer 116 at second end 114 of mouthpiece portion 102 through liquid reservoir 106 to mouthpiece opening 110 at first end 112 of mouthpiece portion 102. That is, vapor flow tube 120 has a portion within liquid reservoir 106 that connects to atomizer 116 and a portion within mouthpiece 108 that connects to mouthpiece opening 110 .

Atomizer 116 comprises a fluid transfer element, such as a wick or any other suitable means for conveying liquid, and a heater. The fluid transfer element is configured to draw liquid from the liquid reservoir 106 to the heater. The heater then heats and vaporizes the liquid to produce vapor.

Electrical contacts 118 and liquid reservoir 106 are contained within body 104 when mouthpiece portion 102 and body 104 are connected together. In doing so, the electrical contacts 118 of the mouthpiece portion 102 become connected with corresponding contacts in the body 104 , thereby allowing the body 104 to power and control the atomizer 116 .

In use, the controller powers the heater in the atomizer 116 from the battery. The heater then heats the liquid drawn to it by the fluid transfer element to produce vapor. As the consumer inhales over the opening 110 in the mouthpiece 108 , the generated vapor is drawn by the mouthpiece 108 along the vapor flow path or flow path 105 . This involves vapor being drawn from the atomizer 116 through the vapor flow tube 120 to the mouthpiece opening 110 . The consumer can then inhale the produced vapor. This can be thought of as an aerosolization or vaporization session.

In one embodiment, when the liquid in liquid reservoir 106 is depleted, mouthpiece portion 102 can be removed from body 104 and replaced with a new mouthpiece portion 102 . In another example, the liquid reservoir 106 within the mouthpiece portion 102 can be refilled with fresh liquid.

In embodiments, the aerosol generating device 100 may also include an indicator 122, such as a light emitting indicator (eg, one or more light emitting diodes), a sound emitting indicator (eg, a speaker), or a display screen. In the particular example of FIG. 1, indicator 122 is positioned within body 104 . In various embodiments, indicator 122 is used to convey internal operational status information of aerosol generating device 100 .

It will be appreciated that the subject matter subsequently described is immediately applicable to any type of aerosol generator, vapor generator, or electronic cigarette, not just the type described with reference to FIGS. 1A and 1B. Such other types of devices may include, for example, but are not limited to, devices incorporating a liquid reservoir configured to contain a vaporizable liquid, where the vaporizable liquid may be vaporized by a vaporizer within the device; devices containing cartridges or capsules of liquid or fibrous material for vapor or aerosol generation; devices configured to contain and heat tobacco products, such as plugs or tobacco-like consumables, to form an aerosol;

FIG. 2 shows a block diagram of an authentication unit 200 configured for use with an aerosol generating device 100, such as, but not limited to, the aerosol generating device 100 described with respect to FIGS. 1A and 1B.

The authentication unit 200 comprises one or more user authentication input means 204 configured to detect multiple types of user input. That is, the authentication unit 200 may comprise one or more user authentication input means 204 configured to detect multiple user inputs, or multiple user authentication input means 204 each configured to detect one or more types of user input. User input can be of knowledge-based type (eg, password) or biometric type (eg, fingerprint scan).

Authentication unit 200 further comprises a controller 202 configured to perform a user authentication process. One or more user authentication inputs 204 (also referred to as user inputs 204) are connected to controller 202 and are in communication therewith. Controller 202 is configured to detect user input at user input means 204 and determine a verification score for the user input. The controller 202 can determine an overall authentication score based on these authentication scores, and can unlock the aerosol generating device 100 if the overall authentication score meets or exceeds a threshold.

The controller 202 can be the main controller 202 of the aerosol generating device 100 or a separate controller connected to the main controller, and the user input means 204 can be various user input means 204 also incorporated within the aerosol generating device 100. The combination of controller 202 and one or more user input means 204 form authentication unit 200 .

FIG. 3 shows a block diagram of an exemplary authorization unit comprising a controller 202 and various user input means 204. As shown in FIG. In embodiments, user input means 204 may comprise one or more of fingerprint scanning module 204-1, password module 204-2, face recognition module 204-3, button sensor module 204-4, motion sensor module 204-5, and/or body impedance measurement module 204-6.

More specifically, fingerprint scanning module 204 - 1 can be implemented using a fingerprint scanner or sensor embedded within the body of aerosol generating device 100 . In an embodiment of fingerprint scanning module 204 - 1 , user input may include scanning the fingerprint or thumbprint of the operator of aerosol generating device 100 .

The password module 204-2 can be implemented using an interface built into the body of the aerosol generator 100, such as a touch screen or physical keypad. In embodiments of password module 204-2, user input may include passwords, passcodes, passphrases, and the like.

The facial recognition module 204-3 can be implemented using a camera or facial scanner embedded within the body of the aerosol generating device 100. FIG. In an embodiment of facial recognition module 204-3, the user input may include a facial recognition scan of the operator's face that provides facial biometrics.

The button sensor module 204-4 can be implemented using a button built into the body of the aerosol generating device 100, the button sensor module 204-4 being configured to detect when the button has been actuated. The buttons may be depressible buttons, capacitive buttons, touch screen interface buttons, or any other suitable type of button. In embodiments of button sensor module 204-4, the user input may include the number of button actuations, and/or the time between button actuations, and/or the force of the button actuations.

Motion sensor module 204-5 can be implemented using an accelerometer built into aerosol generator 100. FIG. The accelerometer may be a 2D accelerometer configured to detect motion of the aerosol generating device 100 in two dimensions. Alternatively, the accelerometer may be a 3D accelerometer configured to detect motion of the aerosol generating device 100 in three dimensions. In embodiments of motion sensor module 204-5, user input may include characteristic or micro-movements of aerosol generating device 100 when held by an operator.

A body impedance measurement module can be implemented using a body impedance measurement circuit incorporated within the aerosol generator 100 . For example, two or more body impedance measuring electrodes may be positioned within the aerosol generating device 100 and configured to measure the body impedance of the operator using bioelectrical impedance analysis. In an embodiment of the body impedance measurement module 204-6, the user input may include body impedance measurements of the operator measured using bioelectrical impedance analysis.

Any of the user inputs 204 described above can be used as one or more of the user inputs 204 in the user authentication process that continues to be described with reference to FIGS. 4-8. Note that the authentication unit 200 need not comprise each of the user input means 204 described above, nor need it be limited to these particular user input means 204 only. Any suitable type of user input means 204 can be used in the authentication process described with reference to FIGS. 4-8. For example, suitable types of user input means may be any type of biometric-based or knowledge-based identification technology suitable for incorporation within the aerosol generating device 100 .

FIG. 4 shows the process flow performed by controller 202 in the user authentication process.

At step S402, a first user input and a second user input are detected at one or more user authentication inputs 204. FIG. The first user input is of a first type and the second user input is of a different second type. The two different types of user input may be different types of user input detected at different user input means 204 or may be different types of user input detected at the same user input means 204 . For example, the first user input may be a fingerprint scan detected at fingerprint scanning module 204-1 and the second user input may be a face recognition scan detected at face recognition module 204-3. In another example, the first user input may be the number of button actuations detected by button sensor module 204-4, and the second user input may be the time between button actuations detected by button sensor module 204-4.

The controller 202 can be configured to detect a first user input within a predetermined time period defined by the first type of input and to detect a second user input within a predetermined time period defined by the first type of input. For example, if continuous user input, such as motion detection, is detected by motion sensor module 204-5, a fixed time period for detecting continuous user input can be defined based on the time period required for fixed time user input, such as entering a password or scanning a fingerprint. In this way, both continuous user input and fixed time user input can be detected at the same time, and detection of both can be completed at the same time.

The detected user input can be stored in memory associated with controller 202 . This storage can occur when detection is complete, or as an update while user input is being detected.

An operator of device 100 can initiate the authentication process. In one embodiment, step S402 may be initiated in response to user input means 204 detecting that an operator of device 100 is providing user input. In another example, step S402 may be initiated in response to an operator of device 100 selecting a heater start button to initiate an aerosolization session.

In step S404-1, a first authentication score is determined for the first user input. The first authentication score is based on a comparison of the first user input and corresponding first predetermined authentication data.

In step S404-2, a second authentication score is determined for the second user input. The second authentication score is based on a comparison of the second user input and corresponding second predetermined authentication data.

The first authentication data and the second authentication data are exemplary reference versions or reference inputs of the user input against which the first user input and the second user input are compared. The authentication data may be stored in memory accessible by the controller 202 . The reference version of the user input is a pre-stored version of the user input tailored to the operator's specific details (eg, the operator's reference fingerprint, or a password set by the operator). The reference version can be stored in memory accessible to the controller 202 .

A certification score can be determined by comparing user input to a corresponding exemplary reference version or reference user input. The closeness of match between the detected user input and the reference version determines the authentication score. The authorization score indicates the likelihood that an authorized operator of the device provided the user input.

In one embodiment, the authentication score for user input may be determined based on a 0-10 scale. For example, a perfect or exact match between the user input and the reference version may be given a maximum authentication score, such as 10. For example, a complete mismatch between user input and the reference version may be given a minimum authentication score, such as 0. A partial match may be given an intermediate authentication score, such as 5. A near-perfect match may be given an upper-medium authentication score, such as 7.5. Few matches may be given a below-medium authentication score, such as 2.5. Although the exemplary numbers 0, 2.5, 5, 7.5, and 10 are used, the certification score can be any number between 0 and 10, depending on the degree of closeness or matching of the user input to the reference version. However, it will be appreciated that the 0-10 scale is for illustrative purposes and that other suitable scoring systems can be used. The scoring system should be consistent for all user input means 204 implemented on the aerosol generating device 100 .

A match that is neither perfect nor perfect between the detected user input and the reference user input can have a graded authentication score on a scale between perfect and imperfect matches. The relationship between the degree of match and the authentication score may be linear, such that the authentication score decreases linearly as the degree of match between the detected user input and the reference user input decreases. In other examples, the relationship between the degree of match and the authentication score may be non-linear, e.g., the authentication score may decrease exponentially as the degree of match between the detected user input and the reference user input decreases.

Authentication scores may be stored in one or more lookup tables along with the corresponding degree of match between user input and reference versions. These lookup tables can be stored in memory accessible to the controller 202 .

In embodiments where the user input is a detected fingerprint in fingerprint scanning module 204-1, the authentication score may be determined based on how closely the detected scan of the operator's fingerprint (or thumbprint) matches a reference fingerprint (or thumbprint) stored in memory accessible by controller 202.

In embodiments where the user input is a password (or passcode or passphrase) detected in password module 204-2, the authentication score may be determined based on how closely the input password matches a reference password stored in memory accessible by controller 202. The authentication score may decrease as the number of mismatches between the input password and the reference password increases. Some discrepancies may affect the authentication score to a greater extent than other discrepancies. For example, an incorrect letter, number, or symbol may reduce the authentication score by a greater amount than incorrect use of lowercase or uppercase letters for correct letters.

In embodiments where the user input is a detected facial recognition scan in facial recognition module 204-3, the authentication score may be determined based on how closely the detected facial recognition scan matches a reference facial recognition scan stored in memory accessible by controller 202.

In embodiments where the user input is the number of detected button actuations, the time between button actuations, and/or the force of button actuations at button sensor module 204-4, the authentication score may be determined based on how closely the detected number of button actuations, the time between button actuations, and/or the force of the button actuations match a reference number of button actuations, the time between button actuations, and/or the reference button actuations stored in a memory accessible by controller 202. The authentication score decreases as the discrepancy between the detected number of actuation/time between actuation/force of actuation and the reference number of actuation/time between actuation/force of actuation increases.

In embodiments where the user input is motion of the device 100 detected at the motion sensor module 204-5, the authentication score may be determined based on how closely the detected characteristic motion or micro-motion of the aerosol generating device 100 held by the operator matches the reference motion stored in memory accessible by the controller 202.

In embodiments where the user input is a body impedance measurement detected in body impedance measurement module 204-6, the authentication score may be determined based on how closely the detected body impedance measurement matches a reference body impedance measurement stored in a memory accessible by controller 202.

Another type of user input can be based on a timer that registers when the user input is detected. In other words, one type of user input may be the rate at which another type of user input is entered. For example, entering a password can provide two user inputs, the first user input being the password itself and the second user input being the rate at which the password is entered (or the time it takes to enter the password). Entering the password user input faster indicates an authorized operator entering the user input routinely. However, faster input can also increase the likelihood of errors. This "input speed" user input can provide a higher authentication score to balance the increased likelihood of error in other user inputs. That is, if the password is entered quickly but with minor errors, the authentication score determined based on input speed can contribute to balancing the authentication score determined based on password correctness.

The determined authentication score can be stored in memory accessible to the controller.

In step S406, an overall authentication score is determined. An overall certification score is based on a combination of the first certification score and the second certification score. An overall score can be determined by adding the first authentication score and the second authentication score. For example, if the first certification score is 5 and the second certification score is 7, the overall certification score is 12. The overall authentication score can be stored in memory accessible to the controller.

At step S408, the controller 202 controls the user authentication unit 200 to perform a first operation when it is determined that the overall authentication score satisfies the predetermined requirement. Before the user authentication process begins, the aerosol generating device 100 can be in a locked state that prevents operation of the device 100 for the aerosolization session. A first action can include unlocking the aerosol generating device 100 so that an aerosolization session can be performed. For example, unlocking the aerosol-generating device 100 can include removing a restriction that applies to starting the heater (a restriction that prevents the heater from being started) so that pressing the heater start button starts the heater to heat the aerosolizable or vaporizable product to produce an aerosol or vapor. A first action may include indicating successful authentication and unlocking of device 100 via a visual indicator, such as a light emitting diode or display screen built into device 100, or via an audio indicator, such as a speaker built into device 100.

An overall authentication score satisfies a predetermined requirement if it is determined that the overall authentication score represents an authorized user who provided the user input. More specifically, if the overall authentication score is greater than or equal to the threshold authentication score, then it is determined that the overall authentication score indicates an authorized user who provided the user input.

In one example, the threshold authentication score may be ten. In this way, if the operator enters a user input that perfectly matches the reference version, the device 100 will be unlocked. If the operator enters two less-perfect but near-perfect or partially matching user inputs and the overall authentication score is 10 or greater, the device 100 will be unlocked. For example, if the first authentication score is 5 and the second authentication score is 7.5, the determination that the overall authentication score is 12.5 will cause the controller 202 to control the authentication unit 200 to unlock the aerosol generating device 100.

Returning to the types of user input described with reference to FIG. 3 and step S402 of FIG. 4, different types of user input can have different security levels associated with them. For example, a fingerprint scan may be safer than the number of button actuations. The types of user input in user authenticators can be divided into two categories, absolute user input types and non-absolute user input types, based on their associated security levels.

An absolute input type is a type of user input that alone can provide a sufficiently high authentication score to meet a predetermined threshold authentication score. That is, if the type of user input can by itself meet the level of security required to unlock the device, the maximum authentication score should meet at least the threshold authentication score.

A non-absolute input type is a type of user input that, even if perfectly matched to a reference input, cannot alone provide a high enough authentication score to meet a predetermined threshold authentication score. That is, if the type of user input cannot by itself satisfy the level of security required to unlock the device, the maximum authentication score should be at least lower than the threshold authentication score.

In an example where the threshold is 10, an absolute input source can provide an authentication score of 10 or greater, while a non-absolute input source can only provide an authentication score of less than 10. Thus, an absolute input type can unlock the device 100 if it sufficiently matches the reference input. In contrast, unlocking the device 100 requires a combination of user inputs of non-absolute input types, or partially matching absolute input types (having an authentication score below the threshold, e.g., less than 10) in combination with non-absolute input types (having an authentication score high enough to reach the threshold when combined with a partially matching absolute input type).

In one example, the number of button actuations may be a non-absolute input type that is considered less secure than a fingerprint scan. Thus, the maximum authentication score for the number of button actuations may be less than the threshold authentication score (eg, less than 10) even if the criteria are perfectly met. In contrast, a perfect match between the detected fingerprint and the reference fingerprint can provide a higher level of security and therefore an authentication score that meets a threshold retention (eg, 10 or higher). Thus, a perfect or near-perfect match to a user input with a high security level may result in unlocking of device 100 regardless of the second user input. For lower security level user inputs where a perfect match of one input alone cannot provide an authentication score that meets the threshold, multiple user inputs can be combined to reach or exceed the threshold and unlock the device 100.

An example of an absolute input type can be a password. Biometric inputs such as fingerprint scans, motion detection, and face recognition scans can also be absolute input types if the input means used to enter them are of sufficient quality. That is, lower quality detectors may not be able to detect inputs with sufficiently high quality to provide the necessary security for absolute inputs. It follows that non-absolute input types may be biometric inputs detected by such lower quality detectors. Another example of a non-absolute input type can be the timing at which the input is received. If the user input means can be associated with the device's internal clock, and the user input is received at the expected time of use, the user input can be considered non-absolute user input, thereby contributing to the overall authentication score.

The authentication scores of different types of user input can be weighted when determining the overall authentication score. Input types that are more trusted (ie, input types that have a higher level of security) can be given more weight than input types that are less trusted. A higher security level input type may be a more difficult input type to fraudulently imitate. Higher security level input types may also be input types recorded with higher quality biometric detectors that produce higher quality input detections. Higher quality input detection means that user input can be evaluated more closely against reference input, thereby improving security levels. A weighting factor can be included prior to summing the authentication score to make the evaluation process simpler.

In other examples, the threshold authentication score may be higher than any one type of user input alone can provide. This way, multiple positive user inputs (i.e., user inputs that provide authentication scores greater than zero) are always required, even if one of the user inputs perfectly matches the corresponding criteria. This ensures a high level of security in the authentication process.

If the overall authentication score does not meet a predetermined requirement (eg, if the overall authentication score is less than or equal to the threshold authentication score), controller 202 can control user authentication unit 200 to perform a second operation. A second action may include not unlocking the device 100 for the aerosolization session. A second action may include indicating that authentication failed and device 100 was not unlocked via a visual indicator, such as a light emitting diode or display screen built into device 100, or via an audio indicator, such as a speaker built into device 100.

For example, if the first authentication score is 25 and the second authentication score is 50, the overall authentication score will be less than the threshold authentication score of 100, and thus the controller 202 will not control the authentication unit 200 to unlock the aerosol generator 100.

The overall authentication score can be continuously compared to the threshold authentication score as the overall authentication score is determined based on successive detections of user input. Alternatively, the overall authentication score can be compared to the threshold authentication once the determination of the overall authentication score is completed.

In the example of FIG. 4, two user inputs are identified, i.e. two user inputs are detected, an authentication score is determined for each of them, and an overall authentication score is based on the combined authentication score associated with the two user inputs. However, the process can use n user inputs of different types, where n is 2 or greater, a verification score is determined for each of the n user inputs, and the overall verification score is based on a combination of the n verification scores associated with the n user inputs.

The authentication process described with reference to Figure 4 can also be implemented in a number of specific implementations described with reference to Figures 5-8.

FIG. 5 shows an example process flow for an implementation of the user authentication process described with reference to FIG. 4, in which user input is simultaneously detected and then the determination of the corresponding authentication score is determined simultaneously.

In step S501, a user authentication process is initiated.

At steps S502-1 and S502-2, a first user input and a second user input are detected at one or more user input means 204 by the controller 202. FIG. In some embodiments, there may be n user inputs of different types, where n is two or more as represented by step S502-n. At steps S502-1, S502-2 . User input can be detected in the manner described with reference to FIGS. 3 and 4, step S402.

In some embodiments, the input period during which user inputs are detected is defined by the period required to detect one of the user inputs. That is, one of the user inputs has a specific period of time during which the input is detected, and completion of this time defines the end of the period for detecting one or more other user inputs. For example, a fingerprint scanner may require a certain period of time to fully scan the fingerprint. During this period the motion detector can record motion data. The end point of the recording of motion data can be defined by the completion of the fingerprint scan. In another embodiment where the first input type is the number of button presses and the second input type is the number of button presses, the end of the period for recording the second input type is defined by the completion of the first input type.

User input can be stored in temporary memory until all required user input is detected. When each user input has been collected, the process can proceed to determine an authentication score.

In step S504-1, a first authentication score is determined by controller 202 for the first user input, and in step S504-2, a second authentication score is determined by controller 202 for the second user input. For n user inputs, the nth authentication score for the nth user input is determined by the controller 202 at S504-n. That is, a respective authentication score is determined for each of the first through nth user inputs. Each authentication score is determined by controller 202 at or substantially the same time after each user input is detected. The authentication score can be determined in the manner described with reference to steps S404-1 and S404-2 of FIG.

Determination of authentication scores for each of the user inputs can begin simultaneously, and each authentication score can be stored in memory associated with controller 202 as it is determined. Once each of the required certification scores has been determined, the process can continue to determine the overall certification score.

At step S506, an overall authentication score is determined by the controller 202 based on the combination of the first authentication score and the second authentication score. An overall certification score for n certification scores is based on a combination of the n certification scores. The overall authentication score can be determined in the manner described with reference to step S406 of FIG.

At step S508, it is determined by the controller 202 whether the overall authentication score meets predetermined requirements. That is, controller 202 determines whether the overall authentication score meets or exceeds the threshold authentication score.

If the overall authentication score meets the predetermined requirement, the process proceeds to step S510, where the controller 202 controls the user authentication unit 200 to perform the first action. The first operation may correspond to the operation described with reference to step S408 of FIG.

If the overall authentication score does not meet the predetermined requirement, the process proceeds to step S512 and the controller 202 controls the user authentication unit 200 to perform the second action (or not perform the first action). A second operation may correspond to the operation described with reference to FIG.

In one example according to the implementation of the process of FIG. 5, a first user input type can be the number of button presses and a second user input type can be the timing between button presses. This can be enhanced by a third user input type, such as detecting movement with a movement sensor while button presses are being recorded. The number of button presses, timing between button presses, and motion data may each alone not be sufficient in security level to provide an authentication score that meets the threshold (i.e., each may be a non-absolute user input type). However, when combined, these non-absolute user input types can provide a combined authentication score that meets or exceeds the threshold authentication score. In this way, lower security level user input types can be combined to provide an overall higher security level.

FIG. 6 shows an example process flow for an implementation of the user authentication process described with reference to FIG. 4, in which a first user input is received and a first authentication score is determined. If the first authentication score meets a preliminary predetermined requirement, a first action is performed. A second user input is detected and a second authentication score is determined if the first authentication score does not meet a preliminary predetermined requirement. An overall certification score is then determined based on the combination of the first certification score and the second certification score.

At step S602, the controller 202 is configured to detect a first user input. A first user input can be detected in the manner described with reference to FIGS. 3 and 4, step S402.

At step S604, controller 202 is configured to determine a first authentication score for the first user input.

At step S606, the controller 202 is configured to control the user verification unit 200 to perform a first action if it is determined that the first verification score meets a preliminary predetermined requirement.

The preliminary predetermined requirement may be a preliminary threshold authentication score. In one example, the preliminary threshold authentication score may be equal to the threshold authentication score described with reference to FIG. Alternatively, the preliminary threshold authentication score may be higher or lower than the authentication score. The first operation may correspond to the operation described with reference to step S408 of FIG.

In this example, the first user input may be of the absolute input type because it alone is able to meet the threshold.

In step S608, the controller 202 is configured to detect a second user input if the controller 202 determines that the first authentication score does not meet the preliminary predetermined requirements. A second user input can be detected in the manner described with reference to FIGS. 3 and 4, step S402.

At step S610, the controller 202 is configured to determine a second authentication score for the second user input.

In implementations of the user authentication process of FIG. 6, first and second authentication scores for first and second user inputs can be determined in the manner described with reference to steps S404-1 and S404-2 of FIG.

At step S612, the controller 202 is configured to determine an overall certification score based on the combination of the first certification score and the second certification score. The overall authentication score can be determined in the manner described with reference to step S406 of FIG.

At step S614, the controller 202 is configured to control the user authentication unit 200 to perform a first action if it is determined that the overall authentication score meets a predetermined requirement (i.e., if the overall authentication score meets or exceeds the threshold authentication score). The first operation may correspond to the operation described with reference to step S408 of FIG. If the overall authentication score does not meet the predetermined requirements, controller 202 controls user authentication unit 200 to perform a second action. A second operation may correspond to the operation described with reference to FIG.

In the example of FIG. 6, two user inputs are identified, i.e. two user inputs are detected, an authentication score is determined for each of them, and an overall authentication score is based on the combined authentication score associated with the two user inputs. However, the process can use n user inputs of different types, where n is 2 or greater, a verification score is determined for each of the n user inputs, and the overall verification score is based on a combination of the n verification scores associated with the n user inputs. That is, if the combination of the first authentication score and the second authentication score does not meet the predetermined requirements, the third user input may be detected and the third authentication score may be determined. An overall certification score can then be determined based on the first, second, and third certification scores. This can be repeated for n user inputs.

The authentication process described with reference to FIG. 6 may be beneficial in that it only needs to detect one user input if the first user input type is an absolute user input type and is entered with sufficient accuracy to provide a first authentication score that meets preliminary predetermined requirements. This can limit power consumption in the authentication process and can also reduce the time required for the authentication process.

The authentication process described with reference to FIG. 6 is also beneficial if the first user input is not of the absolute input type or if the first user input does not provide an authentication score that meets the threshold authentication score. Sequential operation of the user input means 204 can limit power consumption because the plurality of user input means 204 operate sequentially rather than simultaneously.

FIG. 7 shows an example process flow for an implementation of the user authentication process described with reference to FIG. 4, in which a first user input is received and a first authentication score is determined. If the first authentication score meets a preliminary predetermined requirement, a first action is performed. If the first authentication score does not meet the preliminary predetermined requirements, the second user input and the third user input are detected simultaneously, then the determination of the second authentication score and the third authentication score are determined simultaneously. An overall authentication score is then determined based on the combination of the first user authentication score, the second user authentication score, and the third user authentication score.

At step S702, the controller 202 is configured to detect a first user input. A first user input can be detected in the manner described with reference to FIGS. 3 and 4, step S402.

At step S704, controller 202 is configured to determine a first authentication score for the first user input.

In step S706, the controller 202 is configured to control the user verification unit 200 to perform a first action if it is determined that the first verification score meets a preliminary predetermined requirement.

Similar to that described with reference to FIG. 6, the preliminary predetermined requirement may be a preliminary threshold authentication score. In one example, the preliminary threshold authentication score may be equal to the threshold authentication score described with reference to FIG. Alternatively, the preliminary threshold authentication score may be higher or lower than the authentication score. The first operation may correspond to the operation described with reference to step S408 of FIG.

In this example, the first user input may be of the absolute input type because it alone is able to meet the threshold.

In step S708, if the controller 202 determines that the first authentication score does not meet the preliminary predetermined requirements, the controller 202 is configured to detect a second user input and a third user input, the third user input being a third type of input. The third user input can be any type of user input different from the first user input and the second user input. This can include, but is not limited to, any of the user inputs described with reference to FIG. 3 and steps S402, S404-1 and S404-2 of FIG.

The second user input and the third user input can be detected in the manner described with reference to FIGS. 3 and 4, step S402. A second user input and a third user input can be detected during the user input detection period. A user input detection period for detecting the second user input and the third user input can be triggered following a determination that the first authentication score does not meet preliminary predetermined requirements. The authentication process fails if both the second user input and the third user input are not detected during the user input detection period. Alternatively, if one of the second or third user input is not detected during the user input detection period, the process proceeds with only one of the second or third user input and no authentication score is calculated for the absent user input. The second user input and the third user input can be detected simultaneously or substantially simultaneously during the user input detection period.

At step S710, the controller 202 is configured to determine a second authentication score for the second user input and a third authentication score for the third user input.

In implementations of the user authentication process of FIG. 7, first, second and third authentication scores for first, second and third user inputs can be determined in the manner described with reference to steps S404-1 and S404-2 of FIG. 4 (but for three user inputs instead of two).

At step S712, the controller 202 is configured to determine an overall authentication score, where the overall authentication score is based on a combination of the first authentication score, the second authentication score and the third authentication score. The overall authentication score can be determined in the manner described with reference to step S406 of FIG.

In step S714, the controller 202 is configured to control the user authentication unit 200 to perform a first action if it is determined that the overall authentication score meets a predetermined requirement (i.e., if the overall authentication score meets or exceeds the threshold authentication score). The first operation may correspond to the operation described with reference to step S408 of FIG. If the overall authentication score does not meet the predetermined requirements, controller 202 controls user authentication unit 200 to perform a second action. A second operation may correspond to the operation described with reference to FIG.

Alternatively, in steps S708 and S710, n user inputs of different types may be detected in the user input detection period, and n corresponding authentication scores may be determined, where n is 2 or greater.

The authentication process described with reference to FIG. 7 is beneficial in that it allows flexibility in the order and combination of user input detections, so adjustments can be made to limit power consumption or minimize processing time for the authentication process.

FIG. 8 shows an example process flow for an implementation of the user authentication process described with reference to FIG. 4, where a first user input is detected in a first time period and a second user input is detected in a second time period overlapping the first time period.

At step S802, the controller 202 is configured to detect a first user input during a first time period. A first user input can be detected in the manner described with reference to FIGS. 3 and 4, step S402.

At step S804, the controller 202 is configured to detect a second user input in a second time period that overlaps with the first time period. A second user input can be detected in the manner described with reference to FIGS. 3 and 4, step S402.

The second time period can overlap the first time period by beginning before/after the first time period begins and/or ending before/after the first time period ends.

At step S806, the controller 202 is configured to determine a first authentication score for the first user input, and to stop detecting the second user input and control the user authentication unit 200 to perform a first action if it is determined that the first authentication score meets a preliminary predetermined requirement.

In this way, if the first user input provides an authentication score sufficient to unlock the aerosol generating device 100, the controller 202 need not continue detecting the second user input or determining the second authentication score. This can reduce processing overhead and reduce power consumption. This can also expedite the user authentication process, thereby improving the user experience without compromising the security of device 100 .

In this example, the first user input may be of the absolute input type because it alone is able to meet the threshold.

Similar to what was described with reference to Figures 6 and 7, the preliminary predetermined requirement may be a preliminary threshold authentication score. In one example, the preliminary threshold authentication score may be equal to the threshold authentication score described with reference to FIG. Alternatively, the preliminary threshold authentication score may be higher or lower than the authentication score. The first operation may correspond to the operation described with reference to step S408 of FIG.

In step S808, if the controller 202 determines that the first authentication score does not meet the preliminary predetermined requirements, the controller 202 is configured to determine a second authentication score for the second user input and determine an overall authentication score based on a combination of the first authentication score and the second authentication score. That is, the controller does not prematurely stop detecting the second user input if the first authentication score does not meet the preliminary predetermined requirements.

In implementations of the user authentication process of FIG. 8, first and second authentication scores for first and second user inputs can be determined in the manner described with reference to steps S404-1 and S404-2 of FIG. The overall authentication score can be determined in the manner described with reference to step S406 of FIG.

At step S810, the controller 202 is configured to control the user authentication unit 200 to perform a first action if it is determined that the overall authentication score meets a predetermined requirement (i.e., if the overall authentication score meets or exceeds the threshold authentication score). The first operation may correspond to the operation described with reference to step S408 of FIG. If the overall authentication score does not meet the predetermined requirements, controller 202 controls user authentication unit 200 to perform a second action. A second operation may correspond to the operation described with reference to FIG.

The authentication process described with reference to FIG. 8 may be beneficial in that the authentication score for the fastest user input detected (ie, the first user input) is determined first. If this first authentication score meets or exceeds the threshold authentication score, detection of the second user input can be terminated, thereby providing a faster authentication process and conserving battery power. If the authentication score of the fastest user input does not meet the threshold authentication score, detection of a second user input can be completed and a second authentication score can be determined. The second authentication score can be added to the first user authentication score to dynamically recalculate the overall authentication score to increase the overall authentication score. As a result, the overall authentication score exceeds the threshold and the device can be unlocked. In this manner, the speed of the authentication process can be improved without adversely affecting the ability of an authorized operator to successfully unlock device 100 .

In some embodiments, the authentication process described with reference to FIG. 8 can use n user inputs of different types detected in n overlapping time periods (where n is greater than or equal to 2). Step S808 may be repeated for each of the n user inputs, incrementally increasing the overall authentication score until the overall authentication score meets the threshold.

The processing steps described herein performed by controller 202 may be stored in a non-transitory computer-readable medium or storage device associated with controller 202 . Computer-readable media can include non-volatile media and volatile media. Volatile media can include semiconductor memory and dynamic memory, among others. Non-volatile media can include, among others, optical and magnetic disks.

Those skilled in the art will readily appreciate that the preceding embodiments in the foregoing description are non-limiting. Features of each embodiment may be incorporated into other embodiments as appropriate.

Claims (15)

An aerosol generator user authentication unit, said user authentication unit comprising a controller and one or more user authentication input means configured to detect multiple types of user input, said controller comprising:
detecting, at the one or more user authentication input means, a first user input that is a first type of input and a second user input that is a second type of input;
determining, for the first user input, a first authentication score based on a comparison of the first user input and corresponding first predetermined authentication data;
determining, for the second user input, a second authentication score based on a comparison of the second user input and corresponding second predetermined authentication data;
determining an overall certification score based on a combination of the first certification score and the second certification score;
controlling the user authentication unit to perform a first operation when it is determined that the overall authentication score satisfies a predetermined requirement;
an aerosol generator user authentication unit configured to: The first type of input and the second type of input are different types of input. An aerosol generator user authentication unit according to claim 1. 3. The aerosol generator user authentication unit of claim 1 or 2, wherein the overall authentication score is determined to satisfy the predetermined requirement if it is determined that the overall authentication score represents an authorized user who has provided the user input. 4. The aerosol generator user authentication unit of claim 3, wherein if the overall authentication score is greater than or equal to a threshold authentication score, it is determined that the overall authentication score is indicative of an authorized user who provided the user input. An aerosol generator user authentication unit according to any preceding claim, wherein the controller is configured to detect the first user input and the second user input simultaneously. 6. The aerosol generator user authentication unit of claim 5, wherein the controller is configured to detect the first user input within a predetermined time period defined by the first type of input and to detect the second user input within the predetermined time period defined by the first type of input. The controller is
detecting the first user input;
determine the first authentication score for the first user input;
if it is determined that the first authentication score meets a preliminary predetermined requirement, controlling the user authentication unit to perform the first action;
detecting the second user input if it is determined that the first authentication score does not meet the preliminary predetermined requirements;
determine the second authentication score for the second user input;
determining the overall certification score based on a combination of the first certification score and the second certification score;
An aerosol generator user authentication unit according to any one of claims 1 to 4, configured to: The controller is
detecting the first user input;
determine the first authentication score for the first user input;
if it is determined that the first authentication score meets a preliminary predetermined requirement, controlling the user authentication unit to perform the first action;
detecting the second user input and a third user input of a third type during a user input detection period if it is determined that the first authentication score of the first user input does not satisfy the preliminary predetermined requirement;
determining the second authentication score for the second user input and the third authentication score for the third user input based on a comparison of the third user input and corresponding third predetermined authentication data;
determining the overall certification score based on a combination of the first certification score, the second certification score, and the third certification score;
An aerosol generator user authentication unit according to any one of claims 1 to 4, configured to: The controller is
detecting the first user input in a first time period;
detecting the second user input in a second time period overlapping the first time period;
determining the first authentication score for the first user input, and if it is determined that the first authentication score meets a preliminary predetermined requirement, stop detecting the second user input and control the user authentication unit to perform the first action;
The aerosol generator user authentication unit of any one of claims 1 to 4, configured to determine the second authentication score for the second user input if the first authentication score is determined not to satisfy the preliminary predetermined requirement, and to determine the overall authentication score based on a combination of the first authentication score and the second authentication score. 10. The aerosol generator user authentication unit of any one of claims 7 to 9, wherein if it is determined that the first authentication score is indicative of an authorized user who has provided the first user input, it is determined that the first authentication score satisfies the preliminary predetermined requirement, and if it is determined that the first authentication score is not indicative of an authorized user that has provided the first user input, it is determined that the first authentication score does not satisfy the preliminary predetermined requirement. An aerosol generator user authentication unit according to any preceding claim, wherein the first action comprises unlocking the aerosol generator. The one or more user authentication input means,
a button sensor module, wherein the type of user input includes the number of button actuations, and/or the time between button actuations, and/or the force of the button actuations;
a fingerprint scanning module, wherein the type of user input includes scanning the user's fingerprint with a fingerprint sensor;
a body impedance measurement module, wherein the type of user input includes measurements of the user's body impedance by the body impedance measurement scanner;
a password module, wherein the type of user input includes an input password received by the password module;
a motion sensor module, wherein the type of user input includes device motion detected by the motion sensor;
a facial recognition module, wherein the type of user input includes facial recognition scanning of the user by a facial recognition scanner;
The aerosol generator user authentication unit according to any one of claims 1 to 11, comprising at least one of An aerosol generator comprising an aerosol generator user authentication unit according to any one of claims 1-12. An aerosol generator user authentication method performed in a user authentication unit of an aerosol generator, said method comprising:
detecting a first user input and a second user input at one or more user authentication input means configured to detect multiple types of user input, wherein the first user input is a first type of input and the second user input is a second type of input;
determining a first authentication score for the first user input, the first authentication score being based on a comparison of the first user input and corresponding first predetermined authentication data;
determining a second authentication score for the second user input, the second authentication score being based on a comparison of the second user input and corresponding second predetermined authentication data;
determining an overall certification score, wherein the overall certification score is based on a combination of the first certification score and the second certification score;
controlling the user authentication unit to perform a first operation when it is determined that the overall authentication score satisfies a predetermined requirement;
an aerosol generator user authentication method comprising: A non-transitory computer-readable medium storing instructions that, when executed by one or more processors, cause the one or more processors to control an aerosol generator user authentication unit, the instructions causing the one or more processors to:
detecting a first user input and a second user input at one or more user authentication input means configured to detect multiple types of user input, wherein said first user input is a first type of input and said second user input is a second type of input;
determining a first authentication score for the first user input, wherein the first authentication score is based on a comparison of the first user input and corresponding first predetermined authentication data;
determining a second authentication score for the second user input, wherein the second authentication score is based on a comparison of the second user input and corresponding second predetermined authentication data;
determining an overall certification score, wherein the overall certification score is based on a combination of the first certification score and the second certification score;
controlling the user authentication unit to perform a first operation when it is determined that the overall authentication score satisfies a predetermined requirement;
A non-transitory computer-readable medium causing the steps comprising

Images