MXPA03010837A

MXPA03010837A - Security access system.

Info

Publication number: MXPA03010837A
Application number: MXPA03010837A
Authority: MX
Inventors: Gerald R Black
Original assignee: Gerald R Black
Priority date: 2001-05-25
Filing date: 2002-05-28
Publication date: 2004-11-22
Also published as: CN100583748C; IL159028A; JP2005507127A; CN1526218A; KR100591743B1; CA2448707C; ZA200308701B; EP1391075A1; KR20040005989A; CA2448707A1; IL159028A0; HK1069266A1; WO2003036861A1; EP1391075A4

Abstract

This identity authentication system is used in commercial transactions at a point-of-sale terminal. The system comprises a device for capturing a customer signature (signature pad or a smart pen), a sensor for capturing a biometric property of the customer during the transaction, a local processor, a wireless device carried by the customer, a device reader positioned at the point-of-sale terminal, and a host computer. The customer registers advising the system of a customer account that is to be used for payment. The customer also submits an electronic signature (written script of name) and a digital signature for reference purposes - a fingerprint. The customer is then issued a wireless device, the wireless device having memory. The memory may be an ID card, a credit card, a smart card, a transponder, a barcode, or a combination of these memories. An identifying device reader (such as a card reader, an interrogator, a scanner) is located at the point-of-sale terminal that is compatible with the wireless device. Thereafter, when the customer uses a stylus to submit written data - an electronic signature is generated. Similarly, a sensor in the stylus captures data that is used to generate a digital signature. A reference print is then accessed through the memory in the wireless device carried by the customer. The digital and electronic signatures are then compared against the reference data to authentic identity.

Description

SYSTEM WITH SECURITY ACCESS FIELD OF THE INVENTION The invention relates in general to various systems for verifying the identification of a person, and more particularly, where the person carries a wireless device for use in terminals of points of sale, the wireless device has a data storage in, for example, an ID card, a credit card, a smart card, a transponder, a bar code or a combination of these data stores.

BACKGROUND OF THE INVENTION Many systems for identification are known in the art. In some cases, a photograph of a subject or his fingerprint is affixed to an identification card. In other methods, various methods are employed to store image or password information on a magnetic tape or on an optically encoded image or pattern, which physically forms part of the identification card. Still other methods use a "smart card" that has its own "semiconductor memory capacity for storing information." U.S. Patent No. 6,175,922 (Wang) discloses an electronic transaction system for completing a transaction request in a terminal. point of sale using a portable electronic authorization device carried by a user.The device first receives digital data representing the transaction request.The device for electronic authorization provides information that is related to an ability to authorize the transaction request. the transaction is authorized, the electronic authorization device receives the additional data representing the authorization signal of the electronic service, U.S. Patent No. 6,140,939 (Flick) discloses a biometric security system for automobiles. cont Rolador to capture a unique biometric characteristic of an individual to define a captured individual capable of causing the performance of a function associated with the vehicle. The system for vehicle function control includes a sensor of biometric characteristics, and a controller in the vehicle to control a function of the vehicle that responds to the sensor of biometric characteristics. The patent of the United States No. ,857,152 (Everett) exposes an electronic system for the payment of tolls. The system identifies an electronic purse and effects a transfer of values on a communications system without the need for the vehicle to stop. The system provides a toll payment through the use of a communications device and an electronic purse coupled to the device. The remote communication system communicates with mobile devices to make toll payments when cryptographically exchanging secure messages. U.S. Patent No. 5,706,349 (Aditham et al.) Discloses a system for authenticating remote users in a distributed environment. Initially a signal is sent to a remote user once a security mechanism determines that the remote user is who he claims to be. Before accessing the connection between a remote user and an application server, the system verifies that a signal associated with a connection request has been sent by the security mechanism. U.S. Patent No. 6,202,055 (Houvener, et al.) Discloses a system for processing a financial instrument. A customer at an identification terminal initially presents the instrument - perhaps a check. The checking account number is communicated to the remote database containing digital photographic images of authorized users of the checking accounts. The remote database is investigated and any photographic images associated with the check account number are transmitted to the identification terminal. The images are displayed and compared with the physical appearance of the client. The local employee then determines if at least one of the images shown matches the appearance of the person initiating the transaction. U.S. Patent No. 5, 903,225 (Schmitt, et al.) Discloses a system for access control with a fingerprint sensor register. The system includes a station to register a person as authorized based on the detected fingerprint. The system also includes a wireless device that is carried by the authorized person, and an access controller to give access to an authorized person. The wireless device cooperates with the registration station to store data of an authorized person based on the detected fingerprint. The authorized person who carries the wireless device has unrestricted access when approaching the access location. U.S. Patent No. 5,973,731 (Schwab) discloses an identification system that provides interactive communication of text and image information between a central server and multiple remote terminals. The central server maintains a centralized database, separately, of compressed data images of the individuals, and subsequently transmits the compressed data images to local terminals, on demand, during the transactions. The image may include a copy of the authorized signature, which is then used by the transaction terminal to compare with a scanned image of the signature on the authorization note. While a written signature is still considered the preferred way for a person to send an approval and a legal obligation, there is still a need to absolutely confirm that it can be assured that the client is the person authorized to carry out this obligation. A system that uses wireless technology (mainly) in commercial transactions of any value that is acceptable to all parties - that captures a digital signature (which is the international identification standard) at the time the electronic signature is captured ( the written text) the combined signature that is irrefutable; a system based on a pen that is both compatible with card-based systems and independent of these systems.

SUMMARY OF THE INVENTION The system of the present invention addresses these needs. For purposes of the present, a list of key terms are hereinafter set forth to clarify the scope of the authenticated payment system of the present invention. TRANSPONDER is a device that is a receiver-transmitter. The transponder is part of a transponder system - the system also includes an interrogator. The transponder is capable of accepting interrogator interrogation by transmitting an appropriate response. The transponder receives and transmits data wirelessly, generally through low frequency radio waves. The transponder in general is an ID card, a key identifier, a cordless phone, a PDA, or some other device that can be carried by a customer in a purse, wallet, key ring or pocket. The transponder can be active or passive. This definition expressly excludes any transmission of data by means of a check of a card or by inserting a card into a conventional card reader. PEN refers to any device that is compatible with either the user's hand or finger for the purpose of producing a mark on an essentially flat surface. The flat surface can be a digital surface or a piece of paper. While the drawings represent a conventional form of a pen, other shapes and designs are also included within the scope of the present invention such as, for example, any attachment device or thimble-like device for a finger or any implement that can be held with a hand for this purpose. The pen may or may not include an ink cartridge. DYNAMIC REGISTER refers to a process where an existing customer can register for identity in a new system by participating in a conventional transaction. For example, if an electronic signature or digital signature will be used for reference purposes, this signature is captured when the customer takes the pen and signs their name. The registration is impeptible and essentially invisible to the client. The authenticated payment system of the present invention comprises a wireless device carried by the customer, a reader of the device for accessing the customer's data through the wireless device, a device for generating an electronic signature, a sensor for capturing a signature digital during the course of the commercial transaction, a processor at the point of sales to process the electronic signature data and the digital signature data from the device reader, and a central computer in digital communication with the point processor selling.

The method for authenticating a payment of the present invention comprises a customer who is approaching a point of sale terminal with goods that will be acquired, the client generates an electronic signature as an expression of the intention to commit to the commercial transaction by capturing a digital signature of the client when the electronic signature is being generated, comparing the captured digital signature of the client against a digital signature of reference, and approving the transaction whenever a predetermined threshold for authentication has been met and the client has sufficient funds to cover the transaction. A first preferred embodiment of the system for identity verification of the present invention is for use in commercial transactions. The system comprises a central computer, an interrogation device, a transponder device, and a pen. The central computer has access to the data that links the customer to the client's payment account. The interrogator is linked to the central computer arranged in the terminal of the point of sale. The transponder is wireless and is carried by the client, and transmits data to the interrogator at the time of the request. The data transmitted belongs to the identity of the client. The pen is attached to the terminal of the point of sale and includes a sensor arranged in the body of the pen. The sensor captures a digital signature of the client while the client signs with his name. Access to the customer's payment account is only allowed when the captured digital signature matches a reference digital signature. To be used in commercial transactions at a point-of-sale terminal, a customer records the selection of a customer account that will be used for payment. The client also presents a digital signature for reference purposes - preferably a fingerprint. The customer is then supplied with a transponder that links the customer with the customer's account and with the digital reference signature. When the customer is at the point of sale terminal to make the payment, an interrogator at the point of sale terminal transmits a radio signal requesting identity verification. The wireless transponder enters the data to the interrogator. After this, when the client uses a pen to present written data (such as for example, a signature), a sensor in the pen performs the incidental capture of biometric data that allows the interrogator to confirm the identity of the client. Similarly, the system can be used to verify identity when the client wants to cash a personal check. Placed at the center of the process is a pen with any of several biometric sensors or with one or more metric sensors, which allows an incidental capture of the data in relation to identity verification while the pen is being used. The processes for identity verification of the present invention can be used in point of sale terminals, in various controlled environments, to have access to a computer error, in applications involving a script-based computer and smart pens, for commerce electronic, conventional writing implements, and writing implements for various uses. While the system shown herein is described in conjunction with point of sale terminals for purposes of illustration, it should be understood that the principles shown herein can all be applied to a wide range of other activities where a preferred or preferred activity is required or preferred. writing or signing, such as, for example, Internet and intranet trades, access control, government activities (voting, registration of activators, receipt of government benefits) and for use in controlled environments (such as hospitals and banks, for example). Various methods can be used to generate a digital signature: PCT application No. PCT / US99 / 17900 entitled "Identification Confirmation System" filed on April 7, 1999; U.S. Patent Application 09 / 490,687, entitled "Writing Implement and Identity Verification Systems" filed on January 24, 2000; U.S. Patent Application 09 / 535,411, entitled "Method for Identity Verification" filed March 20, 2000; PCT application No. PCT / US00 / 19652 entitled "Identity Authentication System and Method" filed July 18, 2000 by the applicant discloses the use of fingerprint sensors arranged in the barrel of a pen used to generate an electronic signature as the preferred digital signature. The patent of the United States No. 6,064,751 (Smithies) discloses a method to generate a digital signature by using various metric and biometric sensors arranged in the barrel of the pen. A computer-based system captures and verifies a handwritten electronic signature. The system includes a pen with a plurality of sensors that capture the biometric properties of the user, and a database of signature patterns that stores the verified signature information. At the time of signing, a digital signature is generated that includes certain writing characteristics during the signing action, such as, for example, size, shape and relative placement of the curves, turns, lines, points, crosses and other characteristics of the signature that is being written, as well as the relative speed at which the feature is being imparted. A composite digital signature captured from signature measurements is compared to a reference set of stored measurements to obtain a similarity mark. The interrogator is in digital communication with a host computer - the interrogator is located in a point of sale terminal. The wireless device is preferably a transponder. The pen can be attached to a point of sale terminal, via a writing-based computer or a sign plate. A digital signature, such as, for example, a fingerprint, is captured during a registration process and stored in a file associated with the registrant or on the wireless device. Customer records warn the system of a customer account that will be used for payment. The client also enters an electronic signature (handwritten name) and a digital signature for reference purposes - a fingerprint. The client is then supplied with a wireless device, the wireless device has a data buffer. The data store can be an ID card, a credit card, a smart card, a transponder, a bar code, or a combination of these data stores. A reader of the identification device (such as, for example, a card reader, an interrogator, an explorer) is located in the point of sale terminal that is compatible with the wireless device. After this, when the client uses a pen to enter written data - an electronic signature is generated. Similarly, a sensor in the pen captures the data that is used to generate a digital signature. Then you have access to a reference print through the data store on the wireless device carried by the customer. The digital and electronic signatures are then compared against the reference data to confirm the identity. The pen includes one or more fingerprint sensors that capture an image of a customer's finger when the pen is taken. While fingerprint sensors are used herein for purposes of illustration, it should be expressly understood that the principles of this invention can also be applied to the sensitization of DNA and other biotechnical properties-including cell capture or sensors for cellular analysis . During routine use of the pen, the sensor captures the data necessary to compare it with the digital signature and determine identity verification. The preferred embodiment of the system for authenticated commercial transactions of the present invention is compatible with the following systems: The fingerprint sensor is something other than a pen (card reader, point of sale counter, card) Pen with sensors fingerprints attached to the point of sale Credit cards Stored value, ATM, verification cards Reference printing, bank and card account number, key or portfolio identifier Bank and card account number, key identifier or portfolio Personal identifier on card, key identifier or wallet Smart pen w / fingerprint sensors attached to the credit card at the point of sale Credit card Stored value, ATM, verification cards Reference printing, bank and card account number, identifier keys or portfolio Bank and account number on card, key identifier or wallet Personal identifier on card, key identifier or wallet Wireless smart pen w / sensors for fingerprints carried by the client Reference printing, bank and account number in an intelligent pen and bank account number in a smart pen. Personal identifier in a smart pen. For a more complete understanding of the authenticated payment system of the present invention, reference is made to the following detailed description and accompanying drawings in which the presently preferred embodiments of the invention are shown by way of example. As the invention can be incorporated in many forms without departing from the spirit of the essential characteristics thereof, it should be expressly understood that the drawings are presented for illustration and description only, and are not presented as a definition of the limits of the invention. Throughout the description, similar reference numbers refer to the same component in all the various views.

DETAILED DESCRIPTION OF THE DRAWINGS Figure 1 ?, discloses a preferred embodiment of an RFID system for payment processing of the present invention comprising a wireless device (an RFID data storage device that includes a unique customer registration number), a pen to capture a biometric property during the signature process, a processor - local interrogator (to confirm the identity based on the comparison of the data captured from the client with reference to the client's data) and a central computer (to store the records of the client) client and transaction records, and to generate monthly statements); Figure IB, discloses a second preferred embodiment of an RFID system for payment processing of the present invention comprising a wireless device (an RFID data store that references biometric data, metric data and signature data), a pen for capture a biometric property during the signing process, a processor-local questioner (to confirm the identity based on the comparison of the data captured from the client with the client's reference data), and a central computer (to store transaction records , and to generate monthly statements); Figure 1C, discloses a third preferred embodiment of a payment processing system of the present invention comprising a pen for capturing a biometric property during the signature process, a smart card reader, a smart card, the data storage device, and the smart card includes biometric reference data, metric data, and signature data (identity authentication based on the comparison of the customer's captured data with the customer's reference data presented in the card's data store) intelligent), and a central computer (to store transaction records); Figure ID, discloses a fourth preferred embodiment of an RFID system for payment processing of the present invention comprising a wireless device (an RFID data store that includes a unique customer registration number) a pen for capturing a biometric property during the signature process, a processor-local questioner (for data collection from the wireless device and the pen) and a central computer (to authenticate the identity based on the comparison of the customer's captured data with the customer's reference data) , to store customer records and transaction records, and to generate monthly statements); Figure 2A, discloses a preferred embodiment of a security RFID processing system of the present invention comprising a wireless device (the RFID data store that includes a unique user registration number), a pen for capturing a biometric property during the signature process, a processor - local interrogator (to authenticate the identity of the user based on the comparison of the data captured from the client with the customer reference data), and a central computer (to store the security access codes) and access requests); Figure 2B, discloses a second preferred embodiment of a security RFID processing system of the present invention comprising a wireless device (the RFID data store includes biometric user data, user metric data, and user signature data, and a unique user registration number), a pen to capture a biometric property during the signing process, a local -interrogator processor (to authenticate the user's identity based on the comparison of the captured data of the client with the data of client reference), and a central computer (to store security access codes and access requests); Figure 3 sets forth a preferred bar code mode for payment processing of the present invention comprising a wireless device (the bar code data storage including a unique customer registration number), a pen for capturing a biometric property during the signature process, a barcode reader through a local processor (to authenticate the identity based on the comparison of the customer's captured data with the client's reference data), and a central computer (to store customer records and transaction records, and to generate monthly statements); Figure 4 sets forth a preferred embodiment of a system for processing a conventional payment for goods and services in a point of sale terminal, comprising a customer ID card (the RFID data store that includes a customer registration number). only), a user's credit or debit card from which the value of the goods or services is withdrawn, a pen to capture a biometric property during the signing process, a processor-local questioner (to authenticate the identity based on the comparison of the captured data of the client with the data of reference of the client), and a central computer (to store the registers of the client and the registries of transaction, and to generate statements of account monthly), the transaction is blocked if the data ID card reference numbers do not match the biometric, metric or signature data captured from the pen; Figure 5?, Shows a simplified logic diagram for a preferred method for registering new users in the access security system (account, network, physical data) of the present invention; Figure 5B, set forth a simplified logic diagram for a preferred method for registering existing users in the access security system (account, network, physical data) of the present invention, the record is presented dynamically as a request for local access that it is being processed; Figure 6A, shows a simplified logic diagram for a preferred method to allow access to an account, network or physical data that includes a lower security identity authentication, two streams of detected data that are compared to two streams of data from reference, the access that is allowed if the stream of sent data matches a reference data stream; Figure 6B, shows a simplified logic diagram for a preferred method to allow access to an account, network or physical data that involves a medium security identity authentication, a stream of detected data that is compared to a data stream of reference, to allow access if the detected data coincide with the reference data; Figure 6C, shows a simplified logic diagram for a preferred method to allow access to an account, network or physical data that implies a higher security identity authentication, two detected data streams compared to two reference data streams , where access is allowed if and only if each stream of detected data matches its corresponding stream of reference data; Figures 7? and 7C, set forth a simplified logic diagram for a preferred method for the security system of the present invention, which allows access to network data for a remote user that includes high security identity authentication to a high security request. In network, where an acceptance threshold is adjusted (see Figure 18? and 18B), two data streams are captured and processed, access is allowed if and only if each stream of sensitized data matches its corresponding stream of reference data; Figures 7B and 7C, set forth a simplified logic diagram for a preferred method for the security system of the present invention, which allows access to networked data to a remote user involving high security identity authentication to a request of high network security, where an acceptance threshold is adjusted (see Figure 18A and 18B), two data streams that are being captured and processed, access is allowed if and only if each stream of detected data matches its Corresponding stream of reference data, erroneous data information that is being provided to the user if identity authentication is not confirmed; Figure 8, sets forth a simplified logic diagram for another embodiment of the security system of the present invention, wherein the reference data is used in order to confirm the identity of the user to cash a check; Figure 9, shows a simplified logic diagram for a preferred method to allow access to a secure area, the user carrying a wireless device having the RFID data store, a stream of detected data compared to a data stream of reference, to allow access if the detected data coincide with the reference data; Figures 10A and 11A, illustrate a preferred embodiment of a simplified RFID data store and simplified registration of the central computer client of the payment processing system of Figure 1A; Figures 10B and 11B, illustrate a preferred embodiment of the simplified RFID data store and simplified registration of the central computer client for the payment processing system of Figure IB; Figure 12A, discloses a preferred embodiment for the pen of the security system of the present invention to provide images of any fingerprint that touches the area of the pen body, an ultrasonic sensor that is positioned along the axis of the pen , the sensor rotates to capture finger images (similar to a sonar), to provide a roll-up sensor configuration for capturing fingerprint images; Figure 12B, discloses another preferred embodiment for the pen of the security system of the present invention to provide images of any fingerprint that touches the pen's body area, six elongated silicon chip sensors that are mounted on the surface of the pen body, which provide a roll-up sensor configuration for capturing fingerprint images; Figures 13A and 13B, exploded views of other preferred embodiments of configurations of fingerprint roller sensors, which provide a roll-up sensor configuration for capturing fingerprint images; Figures 14A and 14B, exhibit simplified user registration data and a list of sites for security access to be used in a financial institution; Figures 15A and 15B, show a variation of a wireless pen for use with the security access system of the present invention, the wireless pen includes a fingerprint sensor, a magnetic tape, and an active hinge to open and close a pivotal cover where a magnetic tape is placed; Figure 16A, discloses a device for customer identification for the security access system of the present invention, the device for customer identification is a card, wherein the card includes an active transponder; Figure 16B, discloses a device for customer identification for the security access system of the present invention, the device for customer identification is a card, wherein the card includes a credit card with magnetic tape; Figure 16C, discloses a device for customer identification for the security access system of the present invention, the device for customer identification is a card, wherein the card includes a bar code; Figure 16D, discloses a device for customer identification for the security access system of the present invention, the device for customer identification is a card, with two data stores, where a data store is the passive transponder and the second data store is the bar code; Figure 16E, discloses a device for identification of customers for the security access system of the present invention, the device for identification of customers is a card, with three data stores, where a data storage is the magnetic tape, the second data store is a passive transponder and the third data store is the bar code; Figure 16F, discloses a device for identification of customers for the security access system of the present invention, the device for identification of customers is a card, with two data stores, where a data storage is the magnetic tape and the second data store is the bar code; Figure 17, still exposes another preferred embodiment of the wireless device of the present invention, the wireless device is a commercial paper with an RFID data storage device disposed therein, the data storage allows the tracing of commercial paper, and allows authentication of identity in transfer sites. . For the purposes of analysis herein, there are two types of RFID devices (1) a signal that is given to a subscriber to be used by that subscriber; and (2) a signal that is granted and can be exchanged easily and freely among subscribers (similar to currency). The latter can take the form of a plastic card, a promissory note or a coin. Figure 18A, shows a simplified threshold graph to authenticate low risk commercial transactions; and Figure 18B, shows a simplified threshold chart for authenticating high-risk commercial transactions.

DETAILED DESCRIPTION OF THE MODALITIES With reference to the drawings, Figure 1A, IB and 1C generally set forth the security access system of the present invention. The system for authenticated business transactions comprises a wireless device carried by the customer, a reader of the device for accessing the customer's data through the wireless device, a device for generating an electronic signature, a sensor for capturing a digital signature during the course of the commercial transaction, a processor at the point of sale to process the electronic signature data and the digital signature data from the reader of the device, and a central computer in digital communication with the point of sale processor. The preferred embodiment of the system for identity verification of the present invention is to have access to the account data, to access the data on the network, and for physical access. The central computer has access to the data that links the customer to the client's payment account. The interrogator is linked to the central computer arranged in the terminal of the point of sale. The transponder is wireless and is carried by the client, and transmits data to the interrogator at the time of the request. The data transmitted from the transponder allows the system to perform an initial identification of the client. The pen is attached to the terminal of the point of sale and includes a sensor arranged in the body of the pen. The sensor captures and generates a digital signature of the client while the client signs with his name. Access to the customer's payment account is only allowed after the identity has been verified - by matching the digital and / or electronic signatures with the reference data previously submitted by the client. In the two-step process of the identity verification process of the present invention, the identity of the client is initially performed by the data transmitted from the transponder to the interrogator. The second step includes capturing the data used to generate the digital and electronic signatures. Only after the captured data is compared against the reference data will the transaction be allowed to proceed. The method for authenticating a commercial transaction of the present invention comprises a client approaching a point of sale terminal with goods that will be acquired, the client generates an electronic signature as an expression of the intention to perform the commercial transaction, capturing a digital signature of the client when the electronic signature is being generated, comparing, the digital comparative signature of the client against the digital signature of reference, and authorizing the transaction whenever a predetermined threshold for authentication has been met and the client has sufficient funds to cover the transaction. This identity authentication system is used in commercial transactions at a point-of-sale terminal. Customer records warn the system that a customer's account will be used for payment. The client also enters an electronic signature (handwritten name) and a digital signature for reference purposes - a fingerprint. The client is then supplied with a wireless device, the wireless device has a data buffer. The data store can be an ID card, a credit card, a smart card, a transponder, a bar code, or a combination of these data stores. A reader of the identification device (such as, for example, a card reader, an interrogator, an explorer) is located in the point of sale terminal that is compatible with the wireless device. After this, when the client uses a pen to enter written data - an electronic signature is generated. In a similar way, a sensor in the pen captures the data that is used to generate a digital signature. A reference print is then accessed through the data store on the wireless device carried by the customer. The digital and electronic signatures are then compared against the reference data to confirm the identity. Figures 2A and 2B show simplified methods for registering new and existing customers, respectively. For a new customer, the customer record must be created. For an existing customer, the customer record already exists. A major advantage of having the reference data in the customer record (in place of the transponder) is that the amount of storage of reference signatures available in the data store is not of fundamental importance. When the reference signature data is stored within the transponder, the amount of the data buffer within the transponder may not be sufficient to store this data. For the existing customer, the customer record is already in existence although a confirmation check is necessary to confirm that the customer has authorized access to the account. The method overcomes the inconvenience of having to register all existing clients. Existing customers can use a "dynamic record" during a routine transaction. Digital and electronic signatures are captured during a routine business transaction, using the pen. After this, during a commercial transaction, the detected impression is compared to the reference print as part of the identity verification process each time the card is presented through a card reader. Similarly, if a transponder is used, perhaps to buy gasoline and other items at a store affiliated with the gas station, the pen captures the digital signature and uses it as a reference print. For example, in a branch of a bank, the pens of the present invention are placed in all the teller windows, all the ATMs, and all office desks. New customers are provided with a debit / check / ATM card at the time of submitting an application. The client uses a feather similar to the pens in the boxes. The customer's reference print is captured during registration, preferably within a bank branch and the digital and electronic signature data is encrypted and stored in the customer's bank record. These cards can now be supplied and distributed to customers once the registration is completed, just as hotels use them to grant room keys at the time of registration - the cards are pre-printed and certain data is loaded onto the card before being granted. The pen can be attached to the terminal of the point of sale, attached to a computer based on deeds, or a plaque to sign. In addition, the boom can be wireless, which incorporates the transponder in the wireless boom (see Figures IB and 1C). Each pen also includes one more fingerprint sensors that capture an image of a customer's finger when the pen is taken. The transponder responds to a radio signal by emitting its own radio signal. Each transponder is marked with a unique serial number. That serial number can be linked to a credit or debit account. A typical sale may require a match of digital signatures, may require a match of electronic signatures, and may require a match of both digital signatures and electronic signatures. The client selects the goods and goes to a point of sale terminal. The point of sale terminal indicates that the transaction will be paid through a transponder. An interrogator placed in the terminal of the point of sale collects the data from the transponder. A light warns the customer that the payment has been accepted. The payment is made instantly from the account registered by the client. The interrogator emits a low frequency transmission, in general via your antenna. The transponder is inactivated until activated by the interrogator. When a transponder passes within this variation, the transponder is excited, causing the transponder to transmit its data in response to the query. The interrogator enters the query to the transponder and receives return data from the transponder. In a preferred embodiment, the transponder has an improved data store (similar to a smart card), in which case the encrypted reference fingerprint is stored within the transponder data store. Also, the data store may contain an account number, balance - and customer data that will be stored in the transponder data store. Figure 6A shows the bank record of the corresponding customer. The comparison of the detected impression with the reference print for purposes of identifying the preference identity is presented in the transponder. A significant advantage of this system is that the transaction can be completed at the point of sale terminal with minimal access / entry from the activator. Another advantage is that the activator and the account data are updated after the transaction is completed. In another preferred embodiment, the transponder has a limited data buffer (similar to a magnetic tape). The writing device is a pen attached to the point of sale terminal and the digital and electronic signatures are stored in the customer record. The customer's bank and the account number are in the transponder. The reference signatures are in the client's record in the customer's bank. The comparison of the detected signatures with the reference signatures for the purpose of verifying the identity of preference is presented either in the activator (where the detected impression is transmitted) or in the terminal of the point of sale (where the printing is transmitted). of reference). In a variation of this modality, the transponder has a reference index to the bank and to the customer's account number. For increased security, the index reference number in the account index and the transponder change with each transaction. The reference print is in the customer's record in the customer's bank. A significant advantage is that because there is minimal information in the transponder device, if the transponder is lost or stolen, it is of little use to thieves and pirates. While they can locate the bank and the client's account number (which can be learned from a personal check), these funds can not be accessed because the digital and / or electronic signatures do not match. Another advantage is that the data transmission is done through wired connections (more secure). A passive transponder (not including a power supply) carried by the customer on your person is available on a card carried in a wallet or on a key ring - it may be necessary to remove and check it through a card reader or near an interrogator . An active transponder (includes a power supply) can also be PDA, jewelry, glasses, clothes, or the like. A transponder of choice is commercially available from AMSKAN of Mulgrave, Victoria in Australia - the Infrared Data Link allows a serial data transfer "through the windshield" between a vehicle and the roadside in natural light with high reliability and is currently used to capture information from vehicles as they recharge fuel, or speeds on the road. The IRD consists of two main components, the interrogator and the wireless transponder. The interrogator is mounted in the terminal of the point of sale. The size of the transponder is 130 x 80 x 50 mm. Another transponder of choice is Miotec's mPollux - developed on a SIM card and its integrated security solutions offer a flexible and secure platform with sufficient capacity for a wireless PKI system. The SIM platform is a FLASH microcontroller, which has a separate RISC processor for RSA operations. The MioCOS operating system is in accordance with the GSM and PKI standards. In addition, integrated biometric functions allow, among other things, to replace the PIN code on an electronic ID card with fingerprint matching. In yet another preferred embodiment of the systems for writing-based verification of the present invention, a transponder is used in a smart card. The smart card supports both contactless and contactless transactions. This card is currently commercially available and is known as a "Digital Pusan Card". The Digital Pusan Card is one of the first to combine a smart card functionality by contact and without contact on an individual chip. It supports a wide range of services, combines functions of credit card, debit and pre-payment. Compatible with smart pager, the card is used without the Hanaro Transportation scheme. Cardholders can recharge their electronic purses in recharge machines and ATMs. In addition to proven and safe dual interface technology, it operates in both contact and non-contact mode. The card is loaded by any of its contact interface or without contact. This allows many recharge possibilities including in bank terminals, bus stations or, with a PC and a card reader, through the Internet - and also allows electronic purchases via the Internet. The use of this transponder as a component of the writing-based verification system of the present invention allows the transponder to be compatible with both card-based and cardless systems. In the card-based system, the device is checked through a card reader in the terminal of the sales center - and the customer signs his name using the fingerprint pen. The image of the reference fingerprint is stored in the smart card / transponder device, whereby also the coincidence of the detected impression (coming from the pen) is compared with the image of the reference fingerprint. This modality that allows the compatibility with both card readers and transponders is also the key to allow a transition to a system without cards.

The preferred embodiment of the security access system of the present invention is compatible with the following systems: The fingerprint sensor is something other than a pen (card reader, point of sale counter, card) Pen with sensors fingerprints attached to the point of sale Credit cards Stored value, ATM, verification cards Reference printing, bank and card account number, key or portfolio identifier Bank and card account number, key identifier or portfolio Personal identifier on card, key identifier or wallet Smart pen w / fingerprint sensors attached to point of sale Credit cards Stored value, ATM, verification cards Reference printing, bank and card account number, key identifier or bank portfolio and account number on card, key identifier or portfolio Personal identifier on card, identified Key or portfolio Smart wireless pen w / sensors for fingerprints carried by the customer Reference printing, bank and account number in a smart pen Bank and account number in a smart pen Personal identifier in a smart pen. When wireless devices are used, the security of the system is of greater importance, because an integral part of the system, in this case the transponder, is not integrated into the system, in its wireless place and is carried by a client. The digital reference and electronic signature data are stored in the transponder register as well as in the client. During a request for a transaction at the point of sale, a comparison of the reference data in the transponder is compared with the reference data in the customer record to determine whether the transponder has been tampered with or replaced with a counterfeit transponder. This verification does not need to be done every time but it could be randomly or in the case that the transaction involves a large amount of value. There are other ways. When the reference printing is stored in a transponder that is carried by the customer, any of the following technologies can also be employed. The patent of the United States No. ,619,025 (Hickman, et al.) Discloses a method for inviolable identification using photo-refraction crystals. The method for document authentication takes advantage of a temporally variable physical process to generate a reproducible effect that can not be copied. A document such as, for example, a credit card is provided with a mark or tape incorporating at least one, and preferably a large plurality of photo-refraction crystals arranged in a random manner. The document authentication apparatus includes a coherent light source such as, for example, a diode laser to illuminate the photo-refraction crystals, and a photo-sensor to receive scattered light from the photo-refraction crystals. The random distribution and orientation of the photo-refraction crystals comprises a unique feature for each card or document, and this feature is not based on any assigned number or code. The response of photo-refraction crystals to coherent illumination comprises a characteristic with variation of time that depends on the intensity and temporal nature of the illumination itself. The input to the laser illuminator can be varied to produce different responses from the photo-refraction crystals, and this factor can be very difficult to falsify. Also, for any given illumination intensity or temporal pattern, the image received by the photo-sensor varies with time. The time in which the photo-sensor signal is displayed to obtain and identify images can also be varied, thus increasing the difficulty for a counterfeiter to overcome it. A large number of "snapshots" of the variable-time image of the document is electronically captured, digitized, and stored in an electronic medium. The photo-sensor signal is compared with the stored data; a match indicates a valid document, and the mismatch indicates an invalid or unauthorized document. The process for image recognition can be improved by comparing the rate of change in a sequence of images produced by the laser illuminator. The patent of the United States No. ,834,748 (Litman) discloses a card that includes magnetic particles and is difficult to counterfeit. The intensity, period, amplitude and / or alignment of the magnetic field signal can be read as information encoded by a magnetic reader head. The coding of this information can be done by increasing the difficulty to imitate or falsify the variable parameters within these (and other) mechanically readable inscriptions. The device can read (can read mechanically) the security means to avoid the falsification of identification cards, (including the new smart cards with readable chips in them) and pen. The security of the pen is enhanced by the implementation of a mechanically readable security system, which includes a mechanically readable magnetic mark embedded in the transaction article. The mark can also be observed or read visually, although at least it must be readable by a reading head capable of reading the passage of a magnetic material through the head. The preferred mark is in the form of at least two magnetic filaments or strips and preferably includes multiple filaments of different co-liability, resistance to magnetic fields, alignment of magnetic fields, size or separation such that when the pen is passed to a defined speed and preferably constant through the reading device, approval will be provided only when the appropriate signal is provided by the orderly array of suitable magnetic elements in the pen. When the digital signature is generated through fingerprint data, the record can also be presented without the pen, but instead with a fingerprint sensor that essentially captures a finger fingerprint for reference purposes. Subsequently, when the pen is used, partial printing is compared with the complete fingerprint for matching purposes. Just as a transponder that is compatible with existing card readers allows the system of the present invention to be compatible with card-based systems and writing-based systems (without card) such as r 48 previously shown, the use of a pen that is compatible with existing card readers offers many similar advantages for a wireless pen, which is compatible with card-based systems and writing-based systems. Figures 15? and 15B disclose a first preferred embodiment of a pen body for use with the identity authentication system of the present invention, the body has a rotatable layer and includes a magnetic tape that can be read by a conventional card reader . The fingerprint sensors of choice are any of the following: the FingerTIPMR sensor from Infineon enables the integration of a miniature fingerprint sensor into a wide variety of finished products including PCs, notebook computers, portable devices, decoders, ATM, point of sale terminals, kiosks for ticket sales, building access systems, or any other application that could benefit from PIN replacement and a password identification with verification based on biometrics. The chip is compact, reliable and strong enough to convert a biometric user ID from previously exotic technology into a daily reality. The FingerTIP chip is a small IC (18mm x 21mm x 1.5mm) that is fixed to a 288 x 224 pixel contact sensor array that forms images of lines and flanges of a human fingerprint when a user touches the device. Each pixel has a data depth of 8 biteos, which allows the evaluation of very fine degradations (256 shades of gray) of a fingerprint and its translation into a set of indices - the key identification characteristics of a fingerprint and individual. Imaging and data transfer of an impression takes only 100 milliseconds. STMicroelectronics has developed a sensor for fingerprints of practically the same size as the Infineon sensor and which uses a capacity-sensor-arrangement technology; the construction of silicon ICs that contain an array of sensor plates. The S 1 s technology TouchChip uses a technique for capacitive detection to capture, in less than a tenth of a second, a high resolution image of a digital screen when the finger is applied directly to the surface of the chip. The output of the chip is a digital representation of the fingerprint, which can be processed by the algorithms developed by 5AGE, which immediately confirms or invalidates the recognition of the pre-identified persons and then is further processed by application-dependent software. A transponder of choice is commercially available from A SKAN of Mulgrave, Victoria in Australia - the InfraRed Datalink allows a serial data transfer "through a windshield" between a vehicle and the edge of the road in daylight with high reliability and is currently used to capture information from vehicles as they replenish fuel, recharge, or at highway speeds. The LRD consists of two main components, the interrogator and the wireless transponder. The interrogator mounts in any terminal of the point of sale. The size of the transponder is 130 x 80 x 50 mm. Another transponder of choice is Miotec's mPollux - which is developed on an SI card and its integrated security solutions offer a flexible and secure platform with sufficient capacity for a wireless PKI system. The SIM platform is a FLASH microcontroller, which has a RISC processor separate from the RSA operations. The MioCOS operating system is in accordance with the GSM and PKI standards. In addition, integrated biometric functions allow, among other things, to replace the PIN code on an electronic ID card with fingerprint matching. One of skill in the art will also recognize the application of the principles of the system for identity verification of the present invention for electronic commerce, wherein the subscriber seeks to enter or access data, or simply to initiate correspondence with another. When the subscriber who wishes to perform the transaction is far from the terminal of the central computer (or second subscriber), the remote subscriber in general can not observe, and in this way can not establish the race, ethnicity, gender, or even the species. In these cases, the need for identity verification is even more important. Accordingly, the process for identity verification of the present invention requires that the remote subscriber have access to a signature plate - the signature plate has means for generating a digital signature and an electronic signature.

The digital and / or electronic signatures are compared against the reference data before allowing the transaction to be carried out, and the digital and electronic signatures are captured and kept in a transaction log. Through this application, reference was made to various United States patents, patent applications and PCT applications by number and inventor. The exhibits of these patents and applications in their entirety are incorporated herein by reference in this specification in order to describe in more detail the state of the art to which this technology belongs. It is evident that many alternatives, modifications and variations of the authenticated business transaction system of the present invention will be apparent to those skilled in the art in light of the disclosure herein. It is intended that the limits of the present invention be determined by the appended claims in lieu of the language of the above specification, and that all these alternative modifications and variations forming a cooperative equivalent as a whole are intended to be included within the spirit and scope of these claims. .

Claims

NOVELTY OF THE INVENTION Having described the present invention, it is considered as a novelty and, therefore, the content of the following CLAIMS is claimed as property: 1. A method for processing an access request, the method is characterized in that it comprises : to. capture user reference data (including biometric user data or metric user data) from a wireless device carried by a user, the user's reference data that has been entered in a registration process; b. capture the user's detected data (including user's biometric data or user's metric data) as the user enters a name, the name that is being written with a pen; c. transmitting the detected data of the user and the data captured from the user to a processor system, the user's reference data is transmitted to the processor by means of a radio frequency transmission; d. compare the user's detected data against the user's reference data in the processor; and. authenticate the identity of the user based on the results of the comparison; and f. allow user access (account, network, or physical data) if the processor confirms the user's identity and other system criteria (availability of funds, liquidity) confirms that the access request must be approved).
2. A method for processing an access request, the method is characterized because it comprises: a. capture a user registration number from a wireless device carried by a user, the user registration number that has been entered in a registration process; b. capture the data sent by the user (including biometric user data or metric data of the user) as the user writes a name, the name that is being written with a pen; c. transmitting the detected data of the user and the registration number of the user to a processor system, the user registration number is transmitted to the processor by means of radio frequency transmission; d. use the user registration number to retrieve user reference data (including biometric data, user's metric data, or user's signature data); and. compare the user's detected data with the user's reference data in the processor; f. authenticate the identity of the user based on the results of the comparison; and g. allow user access (account, network, or physical data) if the processor confirms the user's identity and other system criteria (availability of funds, liquidity) confirms that the access request must be approved).
3. A method for processing an access request, the method is characterized in that it comprises: a. capture the user's reference data (which includes biometric user data or metric user data) from a wireless device carried by a user, the user's reference data is appended in a bar code, the user's reference data they have entered into a registration process; b. capture the user's detected data (including user's biometric data or user's metric data) as the user enters a name, the name is written with a pen; c. 'transmitting the user's detected data and the data captured from the user to a processor system, the user's reference data is transmitted to the processor by means of a bar code reader; d. compare the user's detected data against the user's reference data in the processor; and. authenticate the identity of the user based on the results of the comparison; and f. allow user access (account, network, or physical data) if the processor confirms the user's identity and other system criteria (availability of funds, liquidity) confirms that the access request must be approved. '
4. A method for processing an access request, the method is characterized in that it comprises: a. capture the user's registration number from a wireless device carried by a user, the user's registration number is included in a bar code that has been entered in a registration process; b. capture the user's detected data (including user's biometric data or user's metric data) as the user enters a name, the name is written with a pen; c. transmitting the detected data of the user and the user registration number to a processor system, the user registration number is transmitted to the processor by means of a barcode scanner; d. use the user registration number to retrieve user reference data (including biometric user data, user metric data, or user signature data); and. compare the user's detected data with the user's reference data in the processor; F. authenticate the identity of the user based on the results of the comparison; and g. allow user access (account, network, or physical data) if the processor confirms the user's identity and other system criteria (availability of funds, liquidity) confirms that the access request must be approved).
5. A system characterized in that it comprises: a. a pen to capture biometric data, metric or user signature data, from a user as the pen is being used to enter user data; b. a wireless device carried by the user, the wireless device has a data storage, the data storage includes user data, the user data that includes a registration number of the user's data; c. a processing system that captures the user's data record number from the wireless device by means of radio frequency transmission, the radio frequency transmission is presented from the wireless device to the processor, the processing system has access to the reference data of the user by using a user registration number, the user's data record includes reference data that includes biometric user data, user metric data, or user signature data, the processing system uses the captured data processed from the pen for comparison against the processed user reference data from the wireless device, authentication is performed based on comparison, user access (account, network, or physical data) that is allowed if the processor confirms the identity of the user and other system criteria (dispo availability of funds, liquidity) confirms that the access request must be approved.
6. A system characterized in that it comprises: a. a pen to capture biometric data, metric data or data from the user's signature, as the pen is used to enter user data; b. a wireless device carried by the user, the wireless device has a data storage, the data storage includes user reference data (including biometric user data, user metric data, or user signature data); c. a processing system that captures the user's reference data from the wireless device by means of a radio frequency transmission, the radio frequency transmission is presented from the wireless device to the processor, the processing system uses the processed captured data from the pen for comparison against processed user reference data from the wireless device, user authentication is performed based on comparison, user access (account, network, or physical data) that is allowed if the processor confirms the User identity and other system criteria (availability of funds, liquidity) confirms that the access request must be approved.
7. A system characterized by comprising: a. a pen to capture biometric, metric or user signature data from a user as the pen is being used to enter user data; b. a wireless device carried by the user, the wireless device has a data storage, the data storage includes user data, user data that includes a registration number of the user's data, the user's data is included in a code of bars; c. a processing system that captures the registration number of the user's data from a wireless device by means of bar code reader, the processing system has access to the user's reference data by using a registration number of the user, the user's data record includes reference data that includes biometric user data, user's metric data, or user signature data, the processing system uses captured captured data from the pen for comparison against the user's reference data processed from the wireless device, user authentication is performed based on the comparison, user access (account, network, or physical data) that is allowed if the processor confirms the user's identity and Other criteria of the system (availability of funds, liquidity) confirms that the access request must be approved.
8. A system characterized in that it comprises: a. a pen to capture biometric data, metric data or user signature data, as the pen is being used to enter user data; b. a wireless device carried by the user, the wireless device has a data storage, the data storage includes user reference data (including biometric user data, user metric data, or user signature data); c. a processing system that captures the user's data registration number from the wireless device by means of a bar code reader, the processing system uses the processed captured data from the pen for comparison against the user's reference data processed from the wireless device, user authentication is performed based on comparison, user access (account, network, or physical data) that is allowed if the processor confirms the user's identity and other system criteria (availability of funds, liquidity) confirms that the access request must be approved.
9. A method to allow a user to process a payment for goods or services from a supplier, the method characterized in that it comprises: a. present sufficient funds to pay for the goods or services; the presentation of funds is made through a card payment and through a card reader; b. capture the user's reference data (which includes biometric user data or metric user data) from a wireless device carried by the user, the wireless device is separately and apart from the payment card, the user's reference data they have presented themselves in a registration process; c. capture the user's detected data (including biometric user data or metric user data); d. transmitting the user's detected data and the user's reference data to a processor system, the user's reference data is transmitted to the processor by means of a radio frequency transmission; and. compare the user's detected data against the user's reference data; and f. warn the provider of goods or services when the identity of the user is denied, resulting from the comparison of the user's detected data with the user's reference data.
10. A method for processing an access request, the method is characterized in that it comprises: a. capture the user's detected data (which includes user's biometric data or user's metric data) as the user writes a name, the name is written with a pen; b. transmitting the user's detected data to a smart card, the smart card includes a smart card processor, the smart card processor includes a data store, the data store includes user reference data (including user biometric data or data) user metrics); c. comparing the user's detected data against the user's reference data in the smart card processor; d. authenticate the identity of the user based on the results of the comparison; and e. allow user access (account, network, or physical data) if the processor confirms the user's identity and other system criteria (availability of funds, liquidity) confirms that the access request must be approved). SUMMARY OF THE INVENTION This system for identity authentication is used in commel transactions in a terminal of a point of sale. The system comprises a device for capturing a client signature (signature plate or smart pen), a sensor for capturing a biometric property of the client during the transaction, a local processor, a wireless device carried by the client, a reader of the device placed in the point of sale terminal, and a central computer. Customer records warn the system that a customer's account will be used for a payment. The customer also enters an electronic signature (name, manuscript) and a digital signature for reference purposes - a footprint. The client is then supplied with a wireless device, the wireless device has a data storage. The data store can be an ID card, a credit card, a smart card, a transponder, a bar code, or a combination of these data stores. A reader of the identification device (such as, for example, a card reader, an interrogator, an explorer) is located in the point of sale terminal that is compatible with the wireless device. After this, when the client uses a pen to enter written data - an electronic signature is generated. Similarly, a sensor in the pen captures the data that is used to generate a digital signature. Then you have access to a reference print through the data store on the wireless device carried by the customer. The digital and electronic signatures are then compared against the reference data to confirm the identity.