US20190379659A1 - Portable biometric authentication device and terminal device using near field communication - Google Patents

Portable biometric authentication device and terminal device using near field communication Download PDF

Info

Publication number
US20190379659A1
US20190379659A1 US16/547,388 US201916547388A US2019379659A1 US 20190379659 A1 US20190379659 A1 US 20190379659A1 US 201916547388 A US201916547388 A US 201916547388A US 2019379659 A1 US2019379659 A1 US 2019379659A1
Authority
US
United States
Prior art keywords
biometric authentication
authentication device
terminal device
portable biometric
nfc
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US16/547,388
Inventor
Won-Churl Jang
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Samsung Electronics Co Ltd
Original Assignee
Samsung Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Samsung Electronics Co Ltd filed Critical Samsung Electronics Co Ltd
Priority to US16/547,388 priority Critical patent/US20190379659A1/en
Publication of US20190379659A1 publication Critical patent/US20190379659A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0492Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/03Arrangements for converting the position or the displacement of a member into a coded form
    • G06F3/033Pointing devices displaced or positioned by the user, e.g. mice, trackballs, pens or joysticks; Accessories therefor
    • G06F3/0354Pointing devices displaced or positioned by the user, e.g. mice, trackballs, pens or joysticks; Accessories therefor with detection of 2D relative movements between the device, or an operating part thereof, and a plane or surface, e.g. 2D mice, trackballs, pens or pucks
    • G06F3/03547Touch pads, in which fingers can move on a surface

Definitions

  • the inventive concept relates to a portable biometric authentication device and a terminal device. More particularly, the inventive concept relates to a portable biometric authentication device and a terminal device capable of communicating using near field communication (NFC).
  • NFC near field communication
  • Biometric authentication is usually based on one or more types of biometric information (e.g., a fingerprint, an iris, a finger vein, voice, etc.) provided by a user.
  • biometric information e.g., a fingerprint, an iris, a finger vein, voice, etc.
  • Biometric authentication is very convenient, since it frees the user for such requirements as carrying various card(s) and key(s) or memorizing passwords.
  • biometric information is difficult to counterfeit or falsify, thereby making biometric authentication highly secure.
  • Different forms of biometric information may be readily acquired using one or more biometric sensor(s) provided by an electronic device, such as a mobile phone.
  • biometric sensor(s) provided by an electronic device, such as a mobile phone.
  • many electronic devices either do not include biometric sensor(s) or are not physically, commercially and/or functionally susceptible to the incorporation of biometric sensor(s). Such electronic devices are not able to provide biometric authentication.
  • the inventive concept relates to a portable biometric authentication device and a terminal device and provides a portable biometric authentication device for providing biometric information via near field communication (NFC) and a terminal device for providing power to the portable biometric authentication device via the NFC.
  • NFC near field communication
  • a portable biometric authentication device that communicates with a terminal device using near field communication (NFC).
  • the portable biometric authentication device includes; a NFC antenna, a power supply circuit that generates at least one power voltage in response to an electromagnetic field generated by the terminal device and received via the NFC antenna, a sensor subsystem that operates in response to the at least one power voltage and includes a biometric sensor that acquires biometric information from a user, and a control subsystem that operates in response to the at least one power voltage and includes a NFC controller that controls the communication of the biometric information to the terminal device using the NFC antenna.
  • a terminal device configured to communicate with a portable biometric authentication device using near field communication (NFC).
  • the terminal device includes a first NFC antenna, a NFC subsystem configured to generate an electromagnetic field using the first NFC antenna, such that the portable biometric authentication device operates in response to at least one power voltage generated by the portable biometric authentication device in response to an electrical current induced in a second NFC antenna of the portable biometric authentication device by the electromagnetic field, and a personal authentication unit configured to perform personal authentication for a user of the portable biometric authentication in response to biometric information provided by the user to the portable biometric authentication device.
  • NFC near field communication
  • a method of operating a system including a terminal device using near field communication (NFC) to communicate with a portable biometric authentication device.
  • the method includes; powering operation of the portable biometric authentication device solely from an electromagnetic field generated by the terminal device, generating a request for biometric information of a user of the portable biometric authentication device in the terminal device, generating first biometric information from a fingerprint image provided by the user to a fingerprint sensor disposed in the portable biometric authentication device, communicating the first biometric information from the portable biometric authentication device to the terminal device using the NFC, and performing personal authentication of the user in the terminal device in response to the first biometric information.
  • NFC near field communication
  • FIG. 1 is a block diagram of a portable biometric authentication device and a terminal device according to an exemplary embodiment
  • FIG. 2 is diagrams of respective examples of the portable biometric authentication device and the terminal device of FIG. 1 according to an exemplary embodiment
  • FIG. 3 is a block diagram of a portable biometric authentication device according to an exemplary embodiment
  • FIG. 4 is a block diagram of a terminal device according to an exemplary embodiment
  • FIG. 5 is a flowchart of operations performed between the portable biometric authentication device and the terminal device of FIGS. 3 and 4 , according to an exemplary embodiment
  • FIG. 6 is a flowchart of an example of operation S 110 of FIG. 5 , according to an exemplary embodiment
  • FIG. 7 is a flowchart of an operation of receiving/transmitting data by a terminal device and a portable biometric authentication device in an encrypted near field communication (NFC) channel, according to an exemplary embodiment
  • FIG. 8 is a flowchart of an example of operation S 120 of FIG. 5 according to an exemplary embodiment
  • FIG. 9 is a flowchart of an example of operation S 130 of FIG. 5 according to an exemplary embodiment
  • FIG. 10 is a block diagram of a portable biometric authentication device according to an exemplary embodiment
  • FIG. 11 is an operation of updating software by the portable biometric authentication device of FIG. 10 , according to an exemplary embodiment
  • FIG. 12 is a block diagram of a portable biometric authentication device and a terminal device according to an exemplary embodiment
  • FIG. 13 is a flowchart of operations performed between the portable biometric authentication device and the terminal device of FIG. 12 , according to an exemplary embodiment
  • FIG. 14 is a block diagram of a terminal device according to an exemplary embodiment
  • FIG. 15 is a block diagram of a computing system and a portable biometric authentication device according to an exemplary embodiment.
  • FIG. 16 is a diagram of a card according to an exemplary embodiment.
  • NFC near field communication
  • Various approaches to NFC establish a set of corresponding communication protocols that enable one-way or two-way communication (i.e., transmission and/or reception) of signal(s) between multiple electronic devices.
  • a first electronic device generates an electromagnetic field
  • a second electronic devices comes into proximity with the electromagnetic field, an electrical signal is induced such that information may be wirelessly communicated between the first electronic device and second electronic device.
  • NFC information may be wirelessly communicated across a distance of up to about 10 cm.
  • Data communicated using NFC may be used by a user of an electronic device to make a payment, access an account, gain access to a product or place, etc.
  • the International Organization for Standards (ISO) and International Electro-technical Commission (IEC) ISO/IEC 21481 specifies a communication protocol, a data exchange format, signal frequencies and bandwidths (e.g., 13.56 MHz), etc., enabling NFC between electronic devices.
  • NFC may be used to communicate not only information or data bearing signal(s), but also power signal(s). That is, a first electronic device (the “initiator”) may generate an electromagnetic field, and a second electronic device (the “target”) may extract power from the electromagnetic field generated by the initiator device sufficient to operate the target device. For example, some target devices may extract an electrical current of up to about 50 mA from an electromagnetic field generated by an initiator device.
  • FIG. 1 is a block diagram of a portable biometric authentication device 100 and a terminal device 200 according to an embodiment of the inventive concept.
  • the portable biometric authentication device 100 and terminal device 200 communication information using NFC.
  • the portable biometric authentication device 100 may be used to acquire biometric information associated with a user and provide the acquired biometric information to the terminal device 200 .
  • the terminal device 200 may then perform personal authentication using (or based on) the provided biometric information.
  • the terminal device 200 may provide power to the portable biometric authentication device 100 using NFC, such that the portable biometric authentication device 100 may acquire biometric information, communicate acquired biometric information to the terminal device 200 , or perform some other function.
  • the portable biometric authentication device 100 may include a NFC antenna 110 , a power supply circuit 120 , a control subsystem 130 , and a sensor subsystem 140 .
  • the NFC antenna 110 may be used to (1) generate an electromagnetic field according to signals received from the control subsystem 130 (e.g., a NFC controller 131 in the control subsystem 130 ) and (2) receive an electromagnetic field generated by the terminal device 200 and provide one or more corresponding electrical signals induced in the NFC antenna 110 by the received electromagnetic field.
  • the NFC antenna 110 may be an antenna module including passive elements where the nature and arrangement of the passive elements may be determined by one or more resonance frequencies defined by an appropriate NFC protocol governing the operation of the terminal device 200 and/or portable biometric authentication device 100 .
  • the power supply circuit 120 may be connected to the NFC antenna 110 and may generate one or more power signals from the electrical signal(s) induced by an electromagnetic field proximate to the NFC antenna 110 .
  • the power supply circuit 120 may extract an electrical current induced in the NFC 110 by the electromagnetic field and generate at least one power voltage based on the extracted electrical current.
  • the power supply circuit 120 is assumed to provide a first power voltage VDD_C to the control subsystem 130 and a second power voltage VDD_S to the sensor subsystem 140 .
  • the control subsystem 130 and the sensor subsystem 140 may respectively operate in response to the first and second power voltages VDD_C and VDD_S provided by the power supply circuit 120 .
  • FIG. 1 shows different power voltages being provided to the control subsystem 130 and sensor subsystem 140 from the power supply circuit 120 .
  • identical power voltage(s) may be provided by the power supply circuit 120 to the control subsystem 130 and sensor subsystem 140 .
  • control subsystem 130 of FIG. 1 is assumed to include the NFC controller 131 , where the NFC controller 131 may be used in the portable biometric authentication device 100 to control the communication of data via the NFC antenna 110 .
  • the NFC controller 131 may be used to control the reception of a biometric information request received from the terminal device 200 and/or the transmission of (first) biometric information INFO_ 1 provided by the sensor subsystem 140 to the terminal device 200 in response to the biometric information request.
  • the NFC controller 131 is assumed to operate in response to the first power voltage VDD_C provided by the power supply circuit 120 .
  • the sensor subsystem 140 may include a biometric sensor 141 that is capable of providing the first biometric information INO_ 1 to the control subsystem 130 .
  • the biometric sensor 141 may acquire the biometric information from the user (e.g., a fingerprint image, an iris image, a finger vein pattern, voice pattern, or the like) and then convert the biometric information into corresponding electrical signal(s).
  • the biometric sensor 141 is assumed to operate in response to the second power voltage VDD_S provided by the power supply circuit 120 .
  • the control subsystem 130 and sensor subsystem 140 included in the portable biometric authentication device 100 may be operated using one or more power signals (e.g., power voltages) generated by the power supply circuit 120 in response to at least one electrical signal induced in the NFC antenna 110 by an electromagnetic field generated by the terminal device 200 .
  • the portable biometric authentication device 100 need not include a battery or equivalent internal power source, yet need not be externally connected to a power terminal in order to operate.
  • This feature allows the portable biometric authentication device 100 to be relatively simple in its design and structure. Further it may be provided (e.g., manufactured, fabricated and/or physically provisioned) with a relatively small form factor.
  • the term “small” refers to one or more physical dimensions (e.g., height, width, length, thickness, area, volume, etc.) of the portable biometric authentication device 100 .
  • the portable biometric authentication device 100 may be provided in a variety of user-friendly forms.
  • the portable biometric authentication device 100 may be embedded within a cover or case of the terminal device 200 .
  • the portable biometric authentication device 100 may be embedded within a convenient card (e.g., a credit card like form).
  • a convenient card e.g., a credit card like form.
  • the terminal device 200 may be an electronic device capable of performing personal authentication by communicating with the portable biometric authentication device 100 using NFC.
  • the terminal device 200 may be a desktop computer, a server system, a smart TV, an electric gate, a point of sale (POS) system, or the like.
  • the terminal device 200 may be a portable electronic device such as a laptop computer, a tablet PC, a mobile phone, a smart phone, an e-reader, a personal digital assistant (PDA), an enterprise digital assistant (EDA), a digital still camera, a digital video camera, a portable multimedia player (PMP), a personal or portable navigation device (PND), a handheld game console, or the like.
  • PDA personal digital assistant
  • EDA enterprise digital assistant
  • PMP portable multimedia player
  • PND personal or portable navigation device
  • the terminal device 200 may include a NFC antenna 210 , a NFC subsystem 220 , and a personal authentication unit 230 .
  • the NFC antenna 210 may be used to generate an electromagnetic field according to signals received from the NFC subsystem 220 (e.g., a NFC controller 221 ) or generate one or more electrical signals in response to an electromagnetic field generated by the portable biometric authentication device 100 .
  • the NFC antenna 210 may be an antenna module including passive elements where the number and arrangement of passive elements may determined by one or more resonance frequencies of the NFC antenna 210 .
  • the NFC subsystem 220 may include the NFC controller 221 , and the NFC controller 221 may control the NFC communication of data via the NFC antenna 210 .
  • the NFC controller 221 may communicate a biometric information request to the portable biometric authentication device 100 and/or receive biometric information from the portable biometric authentication device 100 via the NFC antenna 210 .
  • the NFC controller 221 may control the NFC antenna 210 such that power sufficient to operate the portable biometric authentication device 100 is provided to the portable biometric authentication device 100 by the electromagnetic field generated via the NFC antenna 210 .
  • the personal authentication unit 230 may receive (second) biometric information INFO_ 2 from the NFC subsystem 220 and may perform personal authentication based on the biometric information INFO_ 2 . For example, the personal authentication unit 230 may determine (e.g., compare) whether the second biometric information INFO_ 2 provided by the NFC subsystem 220 corresponds with expected (e.g., previously registered or predetermined) biometric information associated with the user during personal authentication.
  • the personal authentication unit 230 may be implemented as hardware logic operating in accordance with a state machine or as a processor executing a program stored in a memory accessible to the terminal device 230 .
  • FIG. 2 is a conceptual diagram illustrating respective physical implementations of the portable biometric authentication device 100 and terminal device 200 of FIG. 1 according to an embodiment of the inventive concept. That is, FIG. 2 shows a rear (or back) surface of a mobile phone 200 ′ and a mobile phone case 100 ′ that is mechanically attachable/detachable to the rear surface of the mobile phone 200 ′.
  • the mobile phone case 100 ′ may include a first primary surface configured to receive and attach the mobile phone 200 ′ and an opposing second primary surface exposing a NFC antenna 110 ′ and a biometric sensor 141 ′. That is, each of these two elements is externally exposed or accessible without removing the mobile phone 200 ′ from the mobile phone case 100 ′.
  • the NFC antenna 110 ′ may be embedded in the mobile phone case 110 ′ such that the NFC antenna 110 ′ may be positioned to face a NFC antenna 210 ′ embedded in the mobile phone 200 ′ when the mobile phone case 100 ′ is attached to the mobile phone 200 ′.
  • the biometric sensor 141 ′ may be provided in a surface opposite to the surface of mobile phone case 100 ′ facing the mobile phone 200 ′, such that the biometric sensor 141 ′ is externally exposed when the mobile phone case 100 ′ is attached to the mobile phone 200 ′. In this manner, the biometric sensor 141 ′ may readily acquire biometric information from the user, such that the biometric information may be communicated to the mobile phone 200 ′ via the NFC antenna 110 ′.
  • the mobile phone 200 ′ may include the NFC antenna 210 ′ and may perform personal authentication for the user based on the biometric information received via the NFC antenna 210 ′. For example, the mobile phone 200 ′ may access a bank server via a wireless communication network once personal authentication has been successfully performed and thus may provide access to certain banking function(s) by the authenticated user. The mobile phone 200 ′ may drive the NFC antenna 210 ′ to provide a NFC controller (not shown in FIG. 2 ), the biometric sensor 141 ′, or the like included in the mobile phone case 100 ′ with sufficient operating power.
  • a NFC controller not shown in FIG. 2
  • the biometric sensor 141 ′ or the like included in the mobile phone case 100 ′ with sufficient operating power.
  • the portable biometric authentication device 100 of FIG. 1 need not include a battery or power terminal connection in order to connect and operate the portable biometric authentication device 100 with the terminal device 200 .
  • the portable biometric authentication device 100 may be embodied as the mobile phone case 100 ′ which is a desirable accessory for the mobile phone 200 ′.
  • the mobile phone case 100 ′ may allow the mobile phone 200 ′, which does not include a biometric sensor, to perform personal authentication based on biometric information obtained from a user.
  • FIG. 3 is a block diagram further illustrating in one example a portable biometric authentication device 100 a according to an embodiment of the inventive concept.
  • FIG. 4 is a block diagram further illustrating in one example a terminal device 200 a according to an embodiment of the inventive concept.
  • the portable biometric authentication device 100 a of FIG. 3 is assumed to acquire a fingerprint image of the user as biometric information.
  • the terminal device 200 a of FIG. 4 is assumed to perform personal authentication based on the acquired fingerprint image.
  • a fingerprint image is used as one example of possible biometric information, but those skilled in the art will understand that one or more other types of biometric information may be substituted for described fingerprint image.
  • the portable biometric authentication device 100 a may include a NFC antenna 110 a , a power supply circuit 120 a , a control subsystem 130 a , and a sensor subsystem 140 a .
  • the NFC antenna 110 a and the power supply circuit 120 a may perform the same or similar functions as or to the NFC antenna 110 and the power supply circuit 120 of FIG. 1 .
  • the sensor subsystem 140 a is assumed to include a fingerprint sensor 141 a and a fingerprint image compressing unit 142 a .
  • the fingerprint sensor 141 a and the fingerprint image compressing unit 142 a may operate based on the second power voltage VDD_S provided by the power supply circuit 120 a to the sensor subsystem 140 a.
  • the fingerprint sensor 141 a may acquire and detect a fingerprint image provided by the user and correspondingly output one or more fingerprint images INFO_ 0 as electrical signal(s).
  • the electrical signal(s) corresponding to the provided fingerprint image are processed by the fingerprint sensor 141 a to (e.g.,) generate multiple, corresponding image pixels and generate output signals from the image pixels (e.g., the fingerprint images INFO_ 0 ).
  • the fingerprint images INFO_ 0 provided by the fingerprint sensor 141 a may be compressed by the fingerprint image compressing unit 142 a . That is, fingerprint images INFO_ 1 provided by the sensor subsystem 140 a to the control subsystem 130 a may be compressed data.
  • the fingerprint sensor 141 a may detect the fingerprint of the user a number of times during a given cycle and provide one or more fingerprint images INFO_ 0 as the result of each cycle.
  • the speed with which the fingerprint sensor 141 a provides the fingerprint images INFO_ 0 is an important factor in determining the speed with which biometric information is provided by the portable biometric authentication device 100 a to the terminal device 200 a .
  • the fingerprint image compressing unit 142 a may efficiently provide the first biometric information INFO_ 1 (e.g., compressed fingerprint images INFO_ 0 ) in response to the operation of the fingerprint sensor 141 a .
  • the fingerprint image compressing unit 142 a may select one or more of the fingerprint images INFO_ 1 and provide the selected fingerprint images for further processing by the fingerprint image compressing unit 142 a in order to generate high-quality biometric information INFO_ 1 from two or more fingerprint images INFO_ 0 .
  • the control system 130 a may include a NFC controller 131 a and an encryption processing unit 132 a .
  • the NFC controller 131 a and encryption processing unit 132 a may operate in response to the first power voltage VDD_C provided from the power supply circuit 120 a to the control subsystem 130 a .
  • the NFC controller 131 a may perform the same or similar functions as or to the NFC controller 131 of FIG. 1 .
  • the first biometric information communicated by the portable biometric authentication device 100 a to the terminal device 200 a via the NFC may be encrypted prior to transmission. That is, the encryption processing unit 132 a may encrypt the first biometric information INFO_ 1 provided by the sensor subsystem 140 a (e.g., the fingerprint image compressing unit 142 a ). Security of the fingerprint image(s) INFO_ 0 used during personal authentication must be maintained throughout the processes of acquiring, processing and most particularly during the transmission of the biometric information by the portable biometric authentication device 100 a .
  • the encryption processing unit 132 a may be used to maintain the security of the biometric information INFO_ 1 (and the underlying fingerprint image(s) INFO_ 0 ) during transmission of the biometric information INFO_ 1 to the terminal device 200 a using NFC.
  • the first biometric information INFO_ 1 communicated by the portable biometric authentication device 100 a may be encrypted data.
  • the terminal device 200 a will include the components necessary to exchange encrypted data with the portable biometric authentication device 100 a .
  • the encryption processing unit 132 a of FIG. 3 may be used to encrypt the first biometric information generated by the portable biometric authentication device 100 a .
  • the terminal device 200 a may include a NFC antenna 210 a , a NFC subsystem 220 a , and a personal authentication unit 230 a .
  • the NFC antenna 210 a and personal authentication unit 230 a may perform the same or similar functions as or to the NFC antenna 210 and the personal authentication unit 230 of FIG. 1 .
  • the NFC subsystem 220 a may include a NFC controller 221 a and an encryption processing unit 222 a .
  • the NFC controller 221 a may perform the same or similar functions as or to the NFC controller 221 of FIG. 1 .
  • the encryption processing unit 222 a may be used to decrypt the encrypted first biometric information received from the portable biometric authentication device 100 a using NFC. As described with reference to FIG. 3 , the encryption processing unit 132 a of the portable biometric authentication device 100 a may generate an encrypted, compressed, fingerprint image as the first biometric information INFO_ 1 that is communicated via an electromagnetic field generated by the NFC antenna 110 a . The encryption processing unit 222 a of the terminal device 200 a may be used to decrypt the encrypted biometric information in order to generate corresponding second biometric information INFO_ 2 that is provided to the personal authentication unit 230 a .
  • the encryption processing unit 222 a may also be used to encrypt data (e.g., a biometric information request) communicated to the portable biometric authentication device 100 a using NFC. A more detailed description of possible operations of the encryption processing unit 222 a will be described with reference to FIGS. 6 and 7 hereafter.
  • the encryption processing unit 132 a of the portable biometric authentication device 100 a and the encryption processing unit 222 a of the terminal device 200 a may be respectively implemented as an embedded secure element (eSE) indicating that an SE, which denotes an area including an element for safely storing or processing data, for example, financial information, authentication information, a service application, etc., which needs to be secured, is embedded in a semiconductor chip.
  • eSE embedded secure element
  • the encryption processing unit 132 a and the NFC controller 131 a of the portable biometric authentication device 100 a may be embedded in one semiconductor chip
  • the encryption processing unit 222 a and the NFC controller 221 a of the terminal device 200 a may be embedded in one semiconductor chip.
  • FIG. 5 is a flowchart describing the interoperation between the portable biometric authentication device 100 a and terminal device 200 a of FIGS. 3 and 4 according to certain embodiments of the inventive concept.
  • FIG. 5 shows a temporal flow of operations performed between the portable biometric authentication device 100 a and the terminal device 200 a such that the terminal device 200 a receives a security function request and a security function is enabled.
  • the operations of FIG. 5 will be described with reference to FIGS. 3 and 4 .
  • the terminal device 200 a may check whether the security function request is received.
  • the security function may be an operation that requires personal authentication and may include, for example, a payment function, a banking function, etc.
  • the terminal device 200 a may receive the security function request from the user.
  • the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation of forming an encrypted NFC channel. As the encrypted NFC channel is formed, security of data exchanged between the terminal device 200 a and the portable biometric authentication device 100 a may be maintained. A detailed description of operation S 110 will be provided with reference to FIG. 6 hereafter.
  • the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation of authenticating the portable biometric authentication device 100 a .
  • the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation of authenticating the terminal device 200 a .
  • security of the personal authentication using the portable biometric authentication device 100 a may be reinforced.
  • operations S 120 and S 130 will be provided with reference to FIGS. 8 and 9 hereafter.
  • the portable biometric authentication device 100 a may perform an operation of enabling the sensor subsystem 140 a .
  • the NFC controller 131 a may enable the sensor subsystem 140 a when the terminal device 200 a is successfully authenticated in operation S 130 .
  • the NFC controller 131 a may, for example, control the power supply circuit 120 a to provide the second power voltage VDD_S to the sensor subsystem 140 a or may inactivate an enable input signal of the sensor subsystem 140 a.
  • the terminal device 200 a may request the portable biometric authentication device 100 a to acquire biometric information (e.g., a fingerprint image).
  • the portable biometric authentication device 100 a e.g., the fingerprint sensor 141 a
  • the portable biometric authentication device 100 a may acquire the fingerprint image from a fingerprint of the user.
  • the portable biometric authentication device 100 a e.g., the encryption processing unit 132 a
  • the portable biometric authentication device 100 a may transmit the encrypted fingerprint image to the terminal device 200 a.
  • the terminal device 200 a may determine whether the personal authentication succeeds. For example, the terminal device 200 a (e.g., the encryption processing unit 222 a ) may decrypt the encrypted fingerprint image received from the portable biometric authentication device 100 a . Then, the terminal device 200 a (e.g., the personal authentication unit 230 a ) may compare the decrypted fingerprint image with a known (e.g., registered or vetted) fingerprint image associated with the user. If the decrypted fingerprint image is different from the registered fingerprint image for the user, the terminal device 200 a may re-request that the portable biometric authentication device 100 a acquire a fingerprint image. On the other hand, if the decrypted fingerprint image is the same as the registered fingerprint image for the user, the terminal device 200 a may perform the security function in operation S 200 .
  • the terminal device 200 a may perform the security function in operation S 200 .
  • FIG. 6 is a flowchart further illustrating in one example the operation S 110 of FIG. 5 according to an exemplary embodiment.
  • the terminal device 200 a and the portable biometric authentication device 100 a may perform the operation of forming the encrypted NFC channel in operation S 110 .
  • the terminal device 200 a may generate an electromagnetic field. That is, the terminal device 200 a , as the initiator device of the NFC, may generate a carrier field.
  • the NFC controller 221 a may control the NFC antenna 210 a such that the NFC antenna 210 a generates the electromagnetic field.
  • the portable biometric authentication device 100 a may generate one or more power signals from the received electromagnetic field.
  • the power supply circuit 120 a may generate one or more power voltage(s) from an electrical current induced in the NFC antenna 110 a by the electromagnetic field generated by the NFC antenna 210 a of the terminal device 200 a .
  • the power generated by the power supply circuit 120 a may be provided to components of the portable biometric authentication device 100 a , for example, the control subsystem 130 a and the sensor subsystem 140 a , respectively.
  • the terminal device 200 a may transmit a first encryption key to the portable biometric authentication device 100 a
  • the portable biometric authentication device 100 a may transmit a second encryption key to the terminal device 200 a
  • the first encryption key may be used to encrypt biometric information (e.g., a fingerprint image) transmitted by the portable biometric authentication device 100 a to the terminal device 200 a
  • the second encryption key may be used to encrypt data (e.g., a fingerprint image acquisition request, binary data, magnetic stripe data, etc.) transmitted by the terminal device 200 a to the portable biometric authentication device 100 a .
  • the encrypted NFC channel may be formed between the terminal device 200 a and the portable biometric authentication device 100 a through operations, that is, operations S 111 to S 114 .
  • FIG. 7 is a flowchart describing in one example the operations of receiving/transmitting data between the terminal device 200 a and portable biometric authentication device 100 a using an encrypted NFC channel according to an exemplary embodiment.
  • FIG. 7 shows the operation of receiving/transmitting encrypted data by the terminal device 200 a and the portable biometric authentication device 100 a when the encrypted NFC channel is formed.
  • Operations S 211 to S 213 show the transmission of the data from the terminal device 200 a to the portable biometric authentication device 100 a
  • operations S 214 to S 216 show the transmission of the data from the portable biometric authentication device 100 a to the terminal device 200 a.
  • the terminal device 200 a may encrypt the data by using the second encryption key.
  • the encryption processing unit 222 a of the terminal device 200 a may encrypt the data (e.g., a fingerprint image acquisition request, binary data, magnetic stripe data, etc.) by using the second encryption key.
  • the terminal device 200 a may transmit the encrypted data to the portable biometric authentication device 100 a .
  • the NFC controller 221 a of the terminal device 200 a may receive the encrypted data from the encryption processing unit 222 a and may transmit the encrypted data to the portable biometric authentication device 100 a by controlling the NFC antenna 210 a based on the encrypted data.
  • the portable biometric authentication device 100 a may decrypt the encrypted data by using the second encryption key.
  • the NFC controller 131 a of the portable biometric authentication device 100 a may transmit the encrypted data, which is received via the NFC antenna 110 a , to the encryption processing unit 132 a , and the encryption processing unit 132 a may decrypt the encrypted data by using the second encryption key.
  • the portable biometric authentication device 100 a may encrypt the biometric information using the first encryption key.
  • the encryption processing unit 132 a of the portable biometric authentication device 100 a may encrypt the biometric information (e.g., a fingerprint image) using the first encryption key.
  • the portable biometric authentication device 100 a may transmit the encrypted biometric information to the terminal device 200 a .
  • the NFC controller 131 a of the portable biometric authentication device 100 a may receive the encrypted data from the encryption processing unit 132 a and may transmit the encrypted data to the terminal device 200 a by controlling the NFC antenna 110 a based on the encrypted data.
  • the terminal device 200 a may decrypt the encrypted biometric information using the first encryption key.
  • the NFC controller 221 a of the terminal device 200 a may communicate the encrypted biometric information received via the NFC antenna 210 a to the encryption processing unit 222 a , and the encryption processing unit 222 a may decrypt the encrypted biometric information using the first encryption key.
  • FIG. 8 is a flowchart describing in one example the operation S 120 of FIG. 5 according to an exemplary embodiment.
  • the terminal device 200 a and the portable biometric authentication device 100 a may perform the operation of authenticating the portable biometric authentication device 100 a prior to the subsequent authentication of the user in response to user provided biometric information.
  • the operation of authenticating the portable biometric authentication device 100 a may be performed using the encryption processing unit 222 a of the terminal device 200 a in conjunction with the encryption processing unit 132 a of the portable biometric authentication device 100 a.
  • the terminal device 200 a may perform an operation of generating first authentication data and a first hash value H 1 .
  • the encryption processing unit 222 a of the terminal device 200 a may include a first hash function that is defined in advance.
  • the encryption processing unit 222 a may generate the first authentication data and may generate the first hash value H 1 corresponding to the first authentication data based on the first hash function.
  • the terminal device 200 a may transmit the first authentication data to the portable biometric authentication device 100 a.
  • the portable biometric authentication device 100 a may generate a first test hash value H 1 ′ regarding the first authentication data.
  • the encryption processing unit 132 a of the portable biometric authentication device 100 a may include a second hash function that is defined in advance and may generate the first test hash value H 1 ′ corresponding to the first authentication data received from the terminal device 200 a .
  • the portable biometric authentication device 100 a may transmit the first test hash value H 1 ′ to the terminal device 200 a.
  • the terminal device 200 a may perform an operation of comparing the first hash value H 1 with the first test hash value H 1 ′.
  • the terminal device 200 a may determine that authentication of the portable biometric authentication device 100 a is successfully performed in operation S 127 . That is, if the first hash value H 1 corresponding to the first authentication data is the same as the first test hash value H 1 ′ generated by the portable biometric authentication device 100 a based on the first authentication data, then it may be determined that the first and second hash functions are the same, and then the portable biometric authentication device 100 a may be authenticated.
  • the terminal device 200 a may generate new first authentication data and a new first hash value Hl.
  • FIG. 9 is a flowchart describing in one example the operation S 130 of FIG. 5 according to an exemplary embodiment.
  • the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation authenticating the terminal device 200 a prior to the subsequent authentication of the user.
  • the operation of authenticating the terminal device 200 a may be performed using the encryption processing unit 222 a of the terminal device 200 a in conjunction with the encryption processing unit 132 a of the portable biometric authentication device 100 a.
  • the terminal device 200 a may request the portable biometric authentication device 100 a to transmit second authentication data.
  • the NFC controller 221 a of the terminal device 200 a may control the NFC antenna 210 a in response to the second authentication data request of the encryption processing unit 222 a and thus may transmit a second authentication data request to the portable biometric authentication device 100 a.
  • the portable biometric authentication device 100 a may generate the second authentication data and a second hash value H 2 .
  • the encryption processing unit 132 a of the portable biometric authentication device 100 a may include a third hash function that is defined in advance.
  • the encryption processing unit 132 a may generate the second authentication data in response to the second authentication data request and may generate the second hash value H 2 based on the third hash function.
  • the portable biometric authentication device 100 a may transmit the second authentication data to the terminal device 200 a.
  • the terminal device 200 a may generate a second test hash value H 2 ′ regarding the second authentication data.
  • the encryption processing unit 222 a of the terminal device 200 a may include a fourth hash function that is defined in advance and may generate the second test hash value H 2 ′ corresponding to the second authentication data received from the portable biometric authentication device 100 a .
  • the terminal device 200 a may transmit the second test hash value H 2 ′ to the portable biometric authentication device 100 a.
  • the portable biometric authentication device 100 a may perform an operation of comparing the second hash value H 2 with the second test hash value H 2 ′.
  • the portable biometric authentication device 100 a may transmit an authentication result to the terminal device 200 a in operation S 137 and may determine that the authentication of the terminal device 200 a is successfully performed in operation S 128 .
  • the portable biometric authentication device 100 a may perform a subsequent operation, for example, operation S 140 of FIG. 5 .
  • the portable biometric authentication device 100 a may generate new second authentication data and a new second hash value H 2 .
  • FIG. 10 is a block diagram of a portable biometric authentication device 100 b according to another embodiment of the inventive concept.
  • the portable biometric authentication device 100 b may update software or a program based on data received from a terminal device (e.g., a terminal device 200 b of FIG. 11 ) using NFC.
  • the portable biometric authentication device 100 b may include a NFC antenna 110 b , a power supply circuit 120 b , a control subsystem 130 b , a sensor subsystem 140 b , and a non-volatile memory device 150 b .
  • the NFC antenna 110 b , the power supply circuit 120 b , and the sensor subsystem 140 b may perform the same or similar functions as or to the NFC antenna 110 a , the power supply circuit 120 a , and the sensor subsystem 140 a of FIG. 3 .
  • the non-volatile memory device 150 b may retain stored data even in the absence of applied power.
  • the non-volatile memory device 150 b may include an Electrically Erasable Programmable Read-Only Memory (EEPROM), flash memory, Phase Change Random Access Memory (PRAM), Resistance Random Access Memory (RRAM), Nano Floating Gate Memory (NFGM), Polymer Random Access Memory (PoRAM), Magnetic Random Access Memory (MRAM), Ferroelectric Random Access Memory (FRAM), or the like, but the non-volatile memory device 150 b is not limited thereto.
  • the non-volatile memory device 150 b may receive a third power voltage VDD_M from the power supply circuit 120 b and may store, in a non-volatile manner, a program or a parameter that defines operations of the control subsystem 130 b and/or the sensor subsystem 140 b .
  • the NFC controller 131 b and/or a fingerprint sensor 141 b may operate based on the program or parameter stored in the non-volatile memory device 150 b .
  • the data stored in the non-volatile memory device 150 b may be updated as data received via NFC, and accordingly, the operations of the control subsystem 130 b and/or the sensor subsystem 140 b may change. That is, software of the portable biometric authentication device 100 b may be updated. Detailed descriptions regarding the update of the software of the portable biometric authentication device 100 b will be provided below with reference to FIG. 11 .
  • FIG. 10 shows that the portable biometric authentication device 100 b includes one non-volatile memory device 150 b , but the inventive concept is not limited thereto. That is, according to an exemplary embodiment, the portable biometric authentication device 100 b may include two or more non-volatile memory devices to which power is applied by the power supply circuit 120 b respectively, and the control subsystem 130 b and the sensor subsystem 140 b may respectively access different non-volatile memory devices. Also, each of the non-volatile memory devices may be updated as the data is received using NFC.
  • FIG. 11 is a flowchart describing one possible operation of updating the software of the portable biometric authentication device 100 b of FIG. 10 according to an exemplary embodiment.
  • the terminal device 200 b may check whether a software (SW) update request is received.
  • the SW update request may be input to the terminal device 200 b from the user or may be transmitted from a update program.
  • the terminal device 200 b may transmit the SW update request and binary data to the portable biometric authentication device 100 b .
  • the binary data may correspond to a program or a parameter that defines the operations of the control subsystem 130 b and/or the sensor subsystem 140 b.
  • an operation of writing the binary data to the non-volatile memory device 150 b may be performed.
  • the NFC controller 131 b may control the operation of writing the binary data to the non-volatile memory device 150 b in response to a SW update request, and thus, the operations of the control subsystem 130 b and/or the sensor subsystem 140 b may change.
  • the portable biometric authentication device 100 b may transmit a SW update result to the terminal device 200 b .
  • the portable biometric authentication device 100 b may transmit, to the terminal device 200 b , a size of the data written to the non-volatile memory device 150 b , a time taken to perform the operation of writing the data, information about errors that occur during the operation of writing the data, or the like.
  • FIG. 12 is a block diagram illustrating a portable biometric authentication device 100 c and a terminal device 200 c according to still another embodiment of the inventive concept.
  • the portable biometric authentication device 100 c may be used as a payment medium by transmitting a magnetic pulse to a card terminal based on magnetic stripe data received from the terminal device 200 c , that is, by supporting magnetic stripe transmission (MST).
  • MST magnetic stripe transmission
  • the portable biometric authentication device 100 c may include a NFC antenna 110 c , a power supply circuit 120 c , a control subsystem 130 c , a sensor subsystem 140 c , and an inductor 160 c .
  • the NFC antenna 110 c , the power supply circuit 120 c , the control subsystem 130 c , and the sensor subsystem 140 c of the portable biometric authentication device 100 c may perform the same or similar functions as or to their corresponding components of the portable biometric authentication device 100 of FIG. 1 .
  • the terminal device 200 c may include a NFC antenna 210 c , a NFC subsystem 220 c , and a personal authentication unit 230 c .
  • the NFC antenna 210 c , the NFC subsystem 220 c , and the personal authentication unit 230 c of the terminal device 200 c may perform the same or similar functions as or to their corresponding components of the terminal device 200 of FIG. 1 .
  • the personal authentication unit 230 c of the terminal device 200 c may provide magnetic stripe data MSD to the NFC subsystem 220 c .
  • the magnetic stripe data is information that is stored by spreading a magnetic substance on a credit card, etc. and may include payment information.
  • the personal authentication unit 230 c may provide the magnetic stripe data to the NFC subsystem 220 c in order to transmit the magnetic stripe data to the portable biometric authentication device 100 c.
  • the portable biometric authentication device 100 c may include the NFC controller 131 c and an inductor driver 133 c .
  • the NFC controller 131 c may receive the magnetic stripe data MSD from the terminal device 200 c via the NFC antenna 110 c and may provide the magnetic stripe data MSD to the inductor driver 133 c .
  • the inductor driver 133 c may generate a signal transmitted to the inductor 160 c in such a manner that the inductor 160 c generates a magnetic flux to the outside of the portable biometric authentication device 100 c based on the magnetic stripe data MSD.
  • the magnetic stripe data MSD may be transmitted to a card terminal through the magnetic flux or a magnetic pulse generated by the inductor 160 c .
  • the portable biometric authentication device 100 c may improve payment convenience by supporting the MST and the personal authentication using the biometric information.
  • FIG. 13 is a flowchart describing in one example the operations performed between the portable biometric authentication device 100 c and the terminal device 200 c of FIG. 12 according to an exemplary embodiment. That is, FIG. 13 shows an operation of performing, by the portable biometric authentication device 100 c and the terminal device 200 c of FIG. 12 , the MST as an example of a security function performed in operation S 200 of FIG. 5 .
  • the terminal device 200 c may request disablement of a fingerprint sensor 141 c in operation S 201 . Then, in operation S 202 , the fingerprint sensor 141 c of the portable biometric authentication device 100 c may be disabled. That is, in the portable biometric authentication device 100 c to which power is provided from the terminal device 200 c via the NFC, the fingerprint sensor 141 c (or the sensor subsystem 140 c ) is disabled to drive the inductor 160 c while the MST is being performed, and thus power provided to the fingerprint sensor 141 c may be blocked.
  • an operation of operating the inductor 160 c may be performed to generate the magnetic pulse in the portable biometric authentication device 100 c .
  • the NFC controller 131 c may provide the magnetic stripe data received from the terminal device 200 c to the inductor driver 133 c , and the inductor driver 133 c may drive the inductor 160 c based on the magnetic stripe data. Accordingly, the inductor 160 c may generate a magnetic pulse corresponding to the magnetic stripe data.
  • the terminal device 200 c may receive a payment result via a communication network.
  • the terminal device 200 c may be a mobile phone that communicates with a bank server via a wireless communication network and may receive the payment result, which is produced by transmission of the magnetic stripe that is performed in operations S 201 to S 204 , from the bank server.
  • FIG. 14 is a block diagram illustrating in one example a terminal device 200 d according to an exemplary embodiment.
  • a NFC subsystem 220 d may include a NFC controller 221 d and an encryption processing unit 222 d .
  • the NFC controller 221 d and the encryption processing unit 222 d may perform the same or similar functions as or to the NFC controller 221 a and the encryption processing unit 222 a of FIG. 4 .
  • the terminal device 200 d may include a processor 230 d .
  • the processor 230 d may be a multi-core processor including two or more cores for independently executing instructions.
  • the processor 230 d may execute an operating system that provides a kernel space and a user space.
  • the processor 230 d may execute a NFC driver 231 d in the kernel space and may execute a NFC framework 232 d , a fingerprint framework 233 d , and a user application 234 d in the user space.
  • the framework (e.g., the NFC framework 232 d or the fingerprint framework 233 d ) may provide generic functionality to the user space, and the user application 234 d may be efficiently designed based on the NFC framework 232 d or the fingerprint framework 233 d.
  • Methods of operating a terminal device may be performed by the processor 230 d .
  • operations for example, payment, banking, etc., which require personal authentication may be implemented by the user application 234 d .
  • the user application 234 d may request personal authentication using fingerprints when a security function is performed.
  • the fingerprint framework 233 d may perform at least one of operations S 100 to S 200 of FIG. 5 by communicating with a portable biometric authentication device (e.g., the portable biometric authentication device 100 of FIG. 1 ) through the NFC framework 232 d .
  • a portable biometric authentication device e.g., the portable biometric authentication device 100 of FIG. 1
  • the NFC framework 232 d may provide an interface for the NFC to the user application 234 d and the fingerprint framework 233 d , and the NFC driver 231 d may provide the NFC framework 232 d with an interface regarding the NFC subsystem 220 d that is an independent hardware device.
  • FIG. 15 is a block diagram illustrating a computing system 400 and a portable biometric authentication device 300 according to an exemplary embodiment.
  • the portable biometric authentication device 300 may communicate with the computing system 400 using NFC.
  • the computing system 400 may include a central processing unit 410 , a memory subsystem 420 , a user interface 430 , and a NFC subsystem 440 .
  • the central processing unit 410 , the memory subsystem 420 , the user interface 430 , and the NFC subsystem 440 may communicate with each other via a bus 450 .
  • the computing system 400 may communicate with a video card, a sound card, a memory card, a USB device, or the like or may further include a port communicating with other devices.
  • the central processing unit 410 may perform certain calculations or certain tasks.
  • the central processing unit 410 may access the memory subsystem 420 via the bus 450 and may execute multiple instructions stored in the memory subsystem 420 .
  • the central processing unit 410 may perform the operations of the personal authentication unit or the operations of the processor 230 d of FIG. 14 .
  • the memory subsystem 420 may include one or more memory devices and memory controllers.
  • the memory subsystem 420 may include volatile memory device, and the volatile memory device may function as a cache memory.
  • the memory subsystem 420 is a volatile memory device and may include Dynamic Random Access Memory (DRAM), Static Random Access Memory (SRAM), mobile DRAM, Double Data Rate Synchronous Dynamic Random Access Memory (DDR SDRAM), Low Power DDR (LPDDR) SDRAM, Graphic DDR (GDDR) SDRAM, Rambus Dynamic Random Access Memory (RDRAM), or the like.
  • the memory subsystem 420 may be a non-volatile memory device, and the non-volatile memory device may store instructions that form a program executed in the central processing unit 410 .
  • the memory subsystem 420 may be a non-volatile memory device and may include Electrically Erasable Programmable Read-Only Memory (EEPROM), flash memory, PRAM, RRAM, NFGM, PoRAM, MRAM, FRAM, or the like.
  • EEPROM Electrically Erasable Programmable Read-Only Memory
  • flash memory PRAM, RRAM, NFGM, PoRAM, MRAM, FRAM, or the like.
  • the user interface 430 may include an input device such as a keyboard, a keypad, a mouse, or the like in order to receive an input signal from the user and may include an output device such as a printer, a display device, or the like in order to provide an output signal to the user.
  • an input device such as a keyboard, a keypad, a mouse, or the like in order to receive an input signal from the user and may include an output device such as a printer, a display device, or the like in order to provide an output signal to the user.
  • the NFC subsystem 440 may perform NFC with electronic devices that include the portable biometric authentication device 300 and support the NFC. According to an exemplary embodiment, the NFC subsystem 440 may control transmission of binary data, authentication data, an encryption key, magnetic stripe data, or the like to the portable biometric authentication device 300 via a NFC antenna. Also, the NFC subsystem 440 may control reception of a fingerprint image, the authentication data, the encryption key, or the like from the portable biometric authentication device 300 via the NFC antenna.
  • the portable biometric authentication device 300 may include a power supply circuit 320 , a control subsystem 330 , and a sensor subsystem 340 , and the power supply circuit 320 , the control subsystem 330 , and the sensor subsystem 340 may each perform operations according to exemplary embodiments.
  • the power supply circuit 320 may generate power based on the electromagnetic field induced from the electromagnetic field generated by the computing system 400 and may respectively provide the generated power to the control subsystem 330 and the sensor subsystem 340 .
  • FIG. 16 is a conceptual diagram of a card 500 according to an exemplary embodiment.
  • a portable biometric authentication device may be embodied as the card 500 due to a simple structure and a small form factor. That is, as shown in FIG. 16 , the card 500 may include a NFC antenna 510 and a fingerprint sensor 520 .
  • the card 500 may be used as an independent payment medium such as a credit card, a debit card, etc. or may be used as a personal authentication device using the NFC and the fingerprint image.

Abstract

A portable biometric authentication device communicates with a terminal device using near field communication (NFC). The portable biometric authentication device includes; a NFC antenna, a power supply circuit that generates at least one power voltage in response to an electromagnetic field generated by the terminal device and received via the NFC antenna, a sensor subsystem that operates in response to the at least one power voltage and includes a biometric sensor that acquires biometric information from a user, and a control subsystem that operates in response to the at least one power voltage and includes a NFC controller that controls the communication of the biometric information to the terminal device using the NFC antenna.

Description

    CROSS-REFERENCE TO RELATED APPLICATION
  • This is a Divisional of U.S. application Ser. No. 15/333,343, filed Oct. 25, 2016, which claims the benefit of Korean Patent Application No. 10-2015-0151099 filed on Oct. 29, 2015, the disclosure of which is hereby incorporated by reference in it entirety.
    • BACKGROUND
  • The inventive concept relates to a portable biometric authentication device and a terminal device. More particularly, the inventive concept relates to a portable biometric authentication device and a terminal device capable of communicating using near field communication (NFC).
  • Electronic devices may require personal authentication in order to provide functions such as making payment, using a banking service, controlling physical entry, etc. Personal authentication requires high degree of accuracy and security, and various forms of biometric authentication have been used to provide personal authentication. Biometric authentication is usually based on one or more types of biometric information (e.g., a fingerprint, an iris, a finger vein, voice, etc.) provided by a user.
  • Biometric authentication is very convenient, since it frees the user for such requirements as carrying various card(s) and key(s) or memorizing passwords. In addition, biometric information is difficult to counterfeit or falsify, thereby making biometric authentication highly secure. Different forms of biometric information may be readily acquired using one or more biometric sensor(s) provided by an electronic device, such as a mobile phone. However, many electronic devices either do not include biometric sensor(s) or are not physically, commercially and/or functionally susceptible to the incorporation of biometric sensor(s). Such electronic devices are not able to provide biometric authentication.
    • SUMMARY
  • The inventive concept relates to a portable biometric authentication device and a terminal device and provides a portable biometric authentication device for providing biometric information via near field communication (NFC) and a terminal device for providing power to the portable biometric authentication device via the NFC.
  • According to an aspect of the inventive concept, there is provided a portable biometric authentication device that communicates with a terminal device using near field communication (NFC). The portable biometric authentication device includes; a NFC antenna, a power supply circuit that generates at least one power voltage in response to an electromagnetic field generated by the terminal device and received via the NFC antenna, a sensor subsystem that operates in response to the at least one power voltage and includes a biometric sensor that acquires biometric information from a user, and a control subsystem that operates in response to the at least one power voltage and includes a NFC controller that controls the communication of the biometric information to the terminal device using the NFC antenna.
  • According to another aspect of the inventive concept, there is provided a terminal device configured to communicate with a portable biometric authentication device using near field communication (NFC). The terminal device includes a first NFC antenna, a NFC subsystem configured to generate an electromagnetic field using the first NFC antenna, such that the portable biometric authentication device operates in response to at least one power voltage generated by the portable biometric authentication device in response to an electrical current induced in a second NFC antenna of the portable biometric authentication device by the electromagnetic field, and a personal authentication unit configured to perform personal authentication for a user of the portable biometric authentication in response to biometric information provided by the user to the portable biometric authentication device.
  • According to an aspect of the inventive concept, there is provided a method of operating a system including a terminal device using near field communication (NFC) to communicate with a portable biometric authentication device. The method includes; powering operation of the portable biometric authentication device solely from an electromagnetic field generated by the terminal device, generating a request for biometric information of a user of the portable biometric authentication device in the terminal device, generating first biometric information from a fingerprint image provided by the user to a fingerprint sensor disposed in the portable biometric authentication device, communicating the first biometric information from the portable biometric authentication device to the terminal device using the NFC, and performing personal authentication of the user in the terminal device in response to the first biometric information.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • Embodiments of the inventive concept will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings in which:
  • FIG. 1 is a block diagram of a portable biometric authentication device and a terminal device according to an exemplary embodiment;
  • FIG. 2 is diagrams of respective examples of the portable biometric authentication device and the terminal device of FIG. 1 according to an exemplary embodiment;
  • FIG. 3 is a block diagram of a portable biometric authentication device according to an exemplary embodiment;
  • FIG. 4 is a block diagram of a terminal device according to an exemplary embodiment;
  • FIG. 5 is a flowchart of operations performed between the portable biometric authentication device and the terminal device of FIGS. 3 and 4, according to an exemplary embodiment;
  • FIG. 6 is a flowchart of an example of operation S110 of FIG. 5, according to an exemplary embodiment;
  • FIG. 7 is a flowchart of an operation of receiving/transmitting data by a terminal device and a portable biometric authentication device in an encrypted near field communication (NFC) channel, according to an exemplary embodiment;
  • FIG. 8 is a flowchart of an example of operation S120 of FIG. 5 according to an exemplary embodiment;
  • FIG. 9 is a flowchart of an example of operation S130 of FIG. 5 according to an exemplary embodiment;
  • FIG. 10 is a block diagram of a portable biometric authentication device according to an exemplary embodiment;
  • FIG. 11 is an operation of updating software by the portable biometric authentication device of FIG. 10, according to an exemplary embodiment;
  • FIG. 12 is a block diagram of a portable biometric authentication device and a terminal device according to an exemplary embodiment;
  • FIG. 13 is a flowchart of operations performed between the portable biometric authentication device and the terminal device of FIG. 12, according to an exemplary embodiment;
  • FIG. 14 is a block diagram of a terminal device according to an exemplary embodiment;
  • FIG. 15 is a block diagram of a computing system and a portable biometric authentication device according to an exemplary embodiment; and
  • FIG. 16 is a diagram of a card according to an exemplary embodiment.
    •  DETAILED DESCRIPTION
  • The term “near field communication” (or “NFC”) is used to describe a broad class of technology enabling two or more electronic devices to communicate one or more electromagnetic signal(s) without necessarily mandating a constituent mechanical connection or physical connection (or touching) of the electronic devices. Various approaches to NFC establish a set of corresponding communication protocols that enable one-way or two-way communication (i.e., transmission and/or reception) of signal(s) between multiple electronic devices. In certain NFC approaches, a first electronic device generates an electromagnetic field, and when a second electronic devices comes into proximity with the electromagnetic field, an electrical signal is induced such that information may be wirelessly communicated between the first electronic device and second electronic device.
  • In certain contemporary approaches, NFC information (or data) may be wirelessly communicated across a distance of up to about 10 cm. Data communicated using NFC may be used by a user of an electronic device to make a payment, access an account, gain access to a product or place, etc. There are a number of publicly available technical standards (or specifications) that define different NFC approaches. For example, the International Organization for Standards (ISO) and International Electro-technical Commission (IEC) ISO/IEC 21481 specifies a communication protocol, a data exchange format, signal frequencies and bandwidths (e.g., 13.56 MHz), etc., enabling NFC between electronic devices.
  • NFC may be used to communicate not only information or data bearing signal(s), but also power signal(s). That is, a first electronic device (the “initiator”) may generate an electromagnetic field, and a second electronic device (the “target”) may extract power from the electromagnetic field generated by the initiator device sufficient to operate the target device. For example, some target devices may extract an electrical current of up to about 50 mA from an electromagnetic field generated by an initiator device.
  • Figure (FIG. 1 is a block diagram of a portable biometric authentication device 100 and a terminal device 200 according to an embodiment of the inventive concept. The portable biometric authentication device 100 and terminal device 200 communication information using NFC. Here, the portable biometric authentication device 100 may be used to acquire biometric information associated with a user and provide the acquired biometric information to the terminal device 200. The terminal device 200 may then perform personal authentication using (or based on) the provided biometric information. Additionally or alternatively, the terminal device 200 may provide power to the portable biometric authentication device 100 using NFC, such that the portable biometric authentication device 100 may acquire biometric information, communicate acquired biometric information to the terminal device 200, or perform some other function.
  • Referring to FIG. 1, the portable biometric authentication device 100 may include a NFC antenna 110, a power supply circuit 120, a control subsystem 130, and a sensor subsystem 140. The NFC antenna 110 may be used to (1) generate an electromagnetic field according to signals received from the control subsystem 130 (e.g., a NFC controller 131 in the control subsystem 130) and (2) receive an electromagnetic field generated by the terminal device 200 and provide one or more corresponding electrical signals induced in the NFC antenna 110 by the received electromagnetic field. The NFC antenna 110 may be an antenna module including passive elements where the nature and arrangement of the passive elements may be determined by one or more resonance frequencies defined by an appropriate NFC protocol governing the operation of the terminal device 200 and/or portable biometric authentication device 100.
  • In the portable biometric authentication device 100, the power supply circuit 120 may be connected to the NFC antenna 110 and may generate one or more power signals from the electrical signal(s) induced by an electromagnetic field proximate to the NFC antenna 110. For example, the power supply circuit 120 may extract an electrical current induced in the NFC 110 by the electromagnetic field and generate at least one power voltage based on the extracted electrical current. In the illustrated example of FIG. 1, the power supply circuit 120 is assumed to provide a first power voltage VDD_C to the control subsystem 130 and a second power voltage VDD_S to the sensor subsystem 140. The control subsystem 130 and the sensor subsystem 140 may respectively operate in response to the first and second power voltages VDD_C and VDD_S provided by the power supply circuit 120.
  • Here, it should be noted that the example of FIG. 1 shows different power voltages being provided to the control subsystem 130 and sensor subsystem 140 from the power supply circuit 120. However, in other embodiments of the inventive concept, identical power voltage(s) may be provided by the power supply circuit 120 to the control subsystem 130 and sensor subsystem 140.
  • As previously noted, the control subsystem 130 of FIG. 1 is assumed to include the NFC controller 131, where the NFC controller 131 may be used in the portable biometric authentication device 100 to control the communication of data via the NFC antenna 110. For example, the NFC controller 131 may be used to control the reception of a biometric information request received from the terminal device 200 and/or the transmission of (first) biometric information INFO_1 provided by the sensor subsystem 140 to the terminal device 200 in response to the biometric information request. In FIG. 1, the NFC controller 131 is assumed to operate in response to the first power voltage VDD_C provided by the power supply circuit 120.
  • The sensor subsystem 140 may include a biometric sensor 141 that is capable of providing the first biometric information INO_1 to the control subsystem 130. The biometric sensor 141 may acquire the biometric information from the user (e.g., a fingerprint image, an iris image, a finger vein pattern, voice pattern, or the like) and then convert the biometric information into corresponding electrical signal(s). In FIG. 1, the biometric sensor 141 is assumed to operate in response to the second power voltage VDD_S provided by the power supply circuit 120.
  • Thus, from the foregoing it will be understood that the control subsystem 130 and sensor subsystem 140 included in the portable biometric authentication device 100 may be operated using one or more power signals (e.g., power voltages) generated by the power supply circuit 120 in response to at least one electrical signal induced in the NFC antenna 110 by an electromagnetic field generated by the terminal device 200. Accordingly, the portable biometric authentication device 100 need not include a battery or equivalent internal power source, yet need not be externally connected to a power terminal in order to operate. This feature allows the portable biometric authentication device 100 to be relatively simple in its design and structure. Further it may be provided (e.g., manufactured, fabricated and/or physically provisioned) with a relatively small form factor. Here, the term “small” refers to one or more physical dimensions (e.g., height, width, length, thickness, area, volume, etc.) of the portable biometric authentication device 100.
  • Due to its relatively simple structure and small form factor, the portable biometric authentication device 100 may be provided in a variety of user-friendly forms. For example, as will be described in relation to FIG. 2, the portable biometric authentication device 100 may be embedded within a cover or case of the terminal device 200. Alternately, as will be described in relation to FIG. 16, the portable biometric authentication device 100 may be embedded within a convenient card (e.g., a credit card like form). As a result, the portable biometric authentication device 100 may provide considerable convenience to a user while at the same time ensuring a high degree of information accuracy and security.
  • The terminal device 200 may be an electronic device capable of performing personal authentication by communicating with the portable biometric authentication device 100 using NFC. In various embodiments, the terminal device 200 may be a desktop computer, a server system, a smart TV, an electric gate, a point of sale (POS) system, or the like. The terminal device 200 may be a portable electronic device such as a laptop computer, a tablet PC, a mobile phone, a smart phone, an e-reader, a personal digital assistant (PDA), an enterprise digital assistant (EDA), a digital still camera, a digital video camera, a portable multimedia player (PMP), a personal or portable navigation device (PND), a handheld game console, or the like.
  • Referring to FIG. 1, the terminal device 200 may include a NFC antenna 210, a NFC subsystem 220, and a personal authentication unit 230. The NFC antenna 210 may be used to generate an electromagnetic field according to signals received from the NFC subsystem 220 (e.g., a NFC controller 221) or generate one or more electrical signals in response to an electromagnetic field generated by the portable biometric authentication device 100. Similar to the NFC antenna 110 of the portable biometric authentication device 100, the NFC antenna 210 may be an antenna module including passive elements where the number and arrangement of passive elements may determined by one or more resonance frequencies of the NFC antenna 210.
  • The NFC subsystem 220 may include the NFC controller 221, and the NFC controller 221 may control the NFC communication of data via the NFC antenna 210. For example, the NFC controller 221 may communicate a biometric information request to the portable biometric authentication device 100 and/or receive biometric information from the portable biometric authentication device 100 via the NFC antenna 210. The NFC controller 221 may control the NFC antenna 210 such that power sufficient to operate the portable biometric authentication device 100 is provided to the portable biometric authentication device 100 by the electromagnetic field generated via the NFC antenna 210.
  • The personal authentication unit 230 may receive (second) biometric information INFO_2 from the NFC subsystem 220 and may perform personal authentication based on the biometric information INFO_2. For example, the personal authentication unit 230 may determine (e.g., compare) whether the second biometric information INFO_2 provided by the NFC subsystem 220 corresponds with expected (e.g., previously registered or predetermined) biometric information associated with the user during personal authentication. In various embodiments of the inventive concept, the personal authentication unit 230 may be implemented as hardware logic operating in accordance with a state machine or as a processor executing a program stored in a memory accessible to the terminal device 230.
  • FIG. 2 is a conceptual diagram illustrating respective physical implementations of the portable biometric authentication device 100 and terminal device 200 of FIG. 1 according to an embodiment of the inventive concept. That is, FIG. 2 shows a rear (or back) surface of a mobile phone 200′ and a mobile phone case 100′ that is mechanically attachable/detachable to the rear surface of the mobile phone 200′. Here, the mobile phone case 100′ may include a first primary surface configured to receive and attach the mobile phone 200′ and an opposing second primary surface exposing a NFC antenna 110′ and a biometric sensor 141′. That is, each of these two elements is externally exposed or accessible without removing the mobile phone 200′ from the mobile phone case 100′. The NFC antenna 110′ may be embedded in the mobile phone case 110′ such that the NFC antenna 110′ may be positioned to face a NFC antenna 210′ embedded in the mobile phone 200′ when the mobile phone case 100′ is attached to the mobile phone 200′. The biometric sensor 141′ may be provided in a surface opposite to the surface of mobile phone case 100′ facing the mobile phone 200′, such that the biometric sensor 141′ is externally exposed when the mobile phone case 100′ is attached to the mobile phone 200′. In this manner, the biometric sensor 141′ may readily acquire biometric information from the user, such that the biometric information may be communicated to the mobile phone 200′ via the NFC antenna 110′.
  • The mobile phone 200′ may include the NFC antenna 210′ and may perform personal authentication for the user based on the biometric information received via the NFC antenna 210′. For example, the mobile phone 200′ may access a bank server via a wireless communication network once personal authentication has been successfully performed and thus may provide access to certain banking function(s) by the authenticated user. The mobile phone 200′ may drive the NFC antenna 210′ to provide a NFC controller (not shown in FIG. 2), the biometric sensor 141′, or the like included in the mobile phone case 100′ with sufficient operating power.
  • Thus, as described above with reference to FIG. 1, the portable biometric authentication device 100 of FIG. 1 need not include a battery or power terminal connection in order to connect and operate the portable biometric authentication device 100 with the terminal device 200. And as shown in FIG. 2, the portable biometric authentication device 100 may be embodied as the mobile phone case 100′ which is a desirable accessory for the mobile phone 200′. The mobile phone case 100′ may allow the mobile phone 200′, which does not include a biometric sensor, to perform personal authentication based on biometric information obtained from a user.
  • FIG. 3 is a block diagram further illustrating in one example a portable biometric authentication device 100 a according to an embodiment of the inventive concept. FIG. 4 is a block diagram further illustrating in one example a terminal device 200 a according to an embodiment of the inventive concept. Here, the portable biometric authentication device 100 a of FIG. 3 is assumed to acquire a fingerprint image of the user as biometric information. Further, the terminal device 200 a of FIG. 4 is assumed to perform personal authentication based on the acquired fingerprint image. Hereinafter, a fingerprint image is used as one example of possible biometric information, but those skilled in the art will understand that one or more other types of biometric information may be substituted for described fingerprint image.
  • Referring to FIG. 3, the portable biometric authentication device 100 a may include a NFC antenna 110 a, a power supply circuit 120 a, a control subsystem 130 a, and a sensor subsystem 140 a. The NFC antenna 110 a and the power supply circuit 120 a may perform the same or similar functions as or to the NFC antenna 110 and the power supply circuit 120 of FIG. 1.
  • Referring to FIG. 3, the sensor subsystem 140 a is assumed to include a fingerprint sensor 141 a and a fingerprint image compressing unit 142 a. The fingerprint sensor 141 a and the fingerprint image compressing unit 142 a may operate based on the second power voltage VDD_S provided by the power supply circuit 120 a to the sensor subsystem 140 a.
  • As shown in FIG. 3, the fingerprint sensor 141 a may acquire and detect a fingerprint image provided by the user and correspondingly output one or more fingerprint images INFO_0 as electrical signal(s). In the illustrated example of FIG. 3, the electrical signal(s) corresponding to the provided fingerprint image are processed by the fingerprint sensor 141 a to (e.g.,) generate multiple, corresponding image pixels and generate output signals from the image pixels (e.g., the fingerprint images INFO_0).
  • According to an embodiment illustrated in FIG. 3, the fingerprint images INFO_0 provided by the fingerprint sensor 141 a may be compressed by the fingerprint image compressing unit 142 a. That is, fingerprint images INFO_1 provided by the sensor subsystem 140 a to the control subsystem 130 a may be compressed data. The fingerprint sensor 141 a may detect the fingerprint of the user a number of times during a given cycle and provide one or more fingerprint images INFO_0 as the result of each cycle. The speed with which the fingerprint sensor 141 a provides the fingerprint images INFO_0 is an important factor in determining the speed with which biometric information is provided by the portable biometric authentication device 100 a to the terminal device 200 a. Therefore, the fingerprint image compressing unit 142 a may efficiently provide the first biometric information INFO_1 (e.g., compressed fingerprint images INFO_0) in response to the operation of the fingerprint sensor 141 a. For example, the fingerprint image compressing unit 142 a may select one or more of the fingerprint images INFO_1 and provide the selected fingerprint images for further processing by the fingerprint image compressing unit 142 a in order to generate high-quality biometric information INFO_1 from two or more fingerprint images INFO_0.
  • Referring to FIG. 3, the control system 130 a may include a NFC controller 131 a and an encryption processing unit 132 a. The NFC controller 131 a and encryption processing unit 132 a may operate in response to the first power voltage VDD_C provided from the power supply circuit 120 a to the control subsystem 130 a. The NFC controller 131 a may perform the same or similar functions as or to the NFC controller 131 of FIG. 1.
  • According to an exemplary embodiment, the first biometric information communicated by the portable biometric authentication device 100 a to the terminal device 200 a via the NFC may be encrypted prior to transmission. That is, the encryption processing unit 132 a may encrypt the first biometric information INFO_1 provided by the sensor subsystem 140 a (e.g., the fingerprint image compressing unit 142 a). Security of the fingerprint image(s) INFO_0 used during personal authentication must be maintained throughout the processes of acquiring, processing and most particularly during the transmission of the biometric information by the portable biometric authentication device 100 a. Therefore, the encryption processing unit 132 a may be used to maintain the security of the biometric information INFO_1 (and the underlying fingerprint image(s) INFO_0) during transmission of the biometric information INFO_1 to the terminal device 200 a using NFC. Thus, in certain embodiments of the inventive concept, the first biometric information INFO_1 communicated by the portable biometric authentication device 100 a may be encrypted data. As a result, the terminal device 200 a will include the components necessary to exchange encrypted data with the portable biometric authentication device 100 a. Hence, the encryption processing unit 132 a of FIG. 3 may be used to encrypt the first biometric information generated by the portable biometric authentication device 100 a. A more detailed explanation of possible operations associated with the encryption processing unit 132 a of FIG. 3 will be described with reference to FIGS. 6 and 7 hereafter.
  • Referring to FIG. 4, the terminal device 200 a may include a NFC antenna 210 a, a NFC subsystem 220 a, and a personal authentication unit 230 a. The NFC antenna 210 a and personal authentication unit 230 a may perform the same or similar functions as or to the NFC antenna 210 and the personal authentication unit 230 of FIG. 1. The NFC subsystem 220 a may include a NFC controller 221 a and an encryption processing unit 222 a. The NFC controller 221 a may perform the same or similar functions as or to the NFC controller 221 of FIG. 1.
  • The encryption processing unit 222 a may be used to decrypt the encrypted first biometric information received from the portable biometric authentication device 100 a using NFC. As described with reference to FIG. 3, the encryption processing unit 132 a of the portable biometric authentication device 100 a may generate an encrypted, compressed, fingerprint image as the first biometric information INFO_1 that is communicated via an electromagnetic field generated by the NFC antenna 110 a. The encryption processing unit 222 a of the terminal device 200 a may be used to decrypt the encrypted biometric information in order to generate corresponding second biometric information INFO_2 that is provided to the personal authentication unit 230 a. The encryption processing unit 222 a may also be used to encrypt data (e.g., a biometric information request) communicated to the portable biometric authentication device 100 a using NFC. A more detailed description of possible operations of the encryption processing unit 222 a will be described with reference to FIGS. 6 and 7 hereafter.
  • The encryption processing unit 132 a of the portable biometric authentication device 100 a and the encryption processing unit 222 a of the terminal device 200 a may be respectively implemented as an embedded secure element (eSE) indicating that an SE, which denotes an area including an element for safely storing or processing data, for example, financial information, authentication information, a service application, etc., which needs to be secured, is embedded in a semiconductor chip. For example, the encryption processing unit 132 a and the NFC controller 131 a of the portable biometric authentication device 100 a may be embedded in one semiconductor chip, and the encryption processing unit 222 a and the NFC controller 221 a of the terminal device 200 a may be embedded in one semiconductor chip.
  • FIG. 5 is a flowchart describing the interoperation between the portable biometric authentication device 100 a and terminal device 200 a of FIGS. 3 and 4 according to certain embodiments of the inventive concept. FIG. 5 shows a temporal flow of operations performed between the portable biometric authentication device 100 a and the terminal device 200 a such that the terminal device 200 a receives a security function request and a security function is enabled. Hereinafter, the operations of FIG. 5 will be described with reference to FIGS. 3 and 4.
  • In operation S100, the terminal device 200 a may check whether the security function request is received. The security function may be an operation that requires personal authentication and may include, for example, a payment function, a banking function, etc. The terminal device 200 a may receive the security function request from the user.
  • In operation S110, the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation of forming an encrypted NFC channel. As the encrypted NFC channel is formed, security of data exchanged between the terminal device 200 a and the portable biometric authentication device 100 a may be maintained. A detailed description of operation S110 will be provided with reference to FIG. 6 hereafter.
  • In operation S120, the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation of authenticating the portable biometric authentication device 100 a. Then, in operation S130, the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation of authenticating the terminal device 200 a. Through the operation of authenticating the terminal device 200 a and the portable biometric authentication device 100 a, security of the personal authentication using the portable biometric authentication device 100 a may be reinforced. Detailed descriptions of operations S120 and S130 will be provided with reference to FIGS. 8 and 9 hereafter.
  • In operation S140, the portable biometric authentication device 100 a may perform an operation of enabling the sensor subsystem 140 a. For example, the NFC controller 131 a may enable the sensor subsystem 140 a when the terminal device 200 a is successfully authenticated in operation S130. The NFC controller 131 a may, for example, control the power supply circuit 120 a to provide the second power voltage VDD_S to the sensor subsystem 140 a or may inactivate an enable input signal of the sensor subsystem 140 a.
  • In operation S150, the terminal device 200 a may request the portable biometric authentication device 100 a to acquire biometric information (e.g., a fingerprint image). In operation S160, the portable biometric authentication device 100 a (e.g., the fingerprint sensor 141 a) may acquire the fingerprint image from a fingerprint of the user. In operation S170, the portable biometric authentication device 100 a (e.g., the encryption processing unit 132 a) may encrypt the acquired fingerprint image. In operation S180, the portable biometric authentication device 100 a (e.g., the NFC controller 131 a) may transmit the encrypted fingerprint image to the terminal device 200 a.
  • In operation S190, the terminal device 200 a may determine whether the personal authentication succeeds. For example, the terminal device 200 a (e.g., the encryption processing unit 222 a) may decrypt the encrypted fingerprint image received from the portable biometric authentication device 100 a. Then, the terminal device 200 a (e.g., the personal authentication unit 230 a) may compare the decrypted fingerprint image with a known (e.g., registered or vetted) fingerprint image associated with the user. If the decrypted fingerprint image is different from the registered fingerprint image for the user, the terminal device 200 a may re-request that the portable biometric authentication device 100 a acquire a fingerprint image. On the other hand, if the decrypted fingerprint image is the same as the registered fingerprint image for the user, the terminal device 200 a may perform the security function in operation S200.
  • FIG. 6 is a flowchart further illustrating in one example the operation S110 of FIG. 5 according to an exemplary embodiment. As described with reference to FIG. 5, the terminal device 200 a and the portable biometric authentication device 100 a may perform the operation of forming the encrypted NFC channel in operation S110.
  • Referring to FIG. 6, in operation S111, the terminal device 200 a may generate an electromagnetic field. That is, the terminal device 200 a, as the initiator device of the NFC, may generate a carrier field. For example, the NFC controller 221 a may control the NFC antenna 210 a such that the NFC antenna 210 a generates the electromagnetic field.
  • In operation S112, the portable biometric authentication device 100 a may generate one or more power signals from the received electromagnetic field. For example, the power supply circuit 120 a may generate one or more power voltage(s) from an electrical current induced in the NFC antenna 110 a by the electromagnetic field generated by the NFC antenna 210 a of the terminal device 200 a. The power generated by the power supply circuit 120 a may be provided to components of the portable biometric authentication device 100 a, for example, the control subsystem 130 a and the sensor subsystem 140 a, respectively.
  • In operation S113, the terminal device 200 a may transmit a first encryption key to the portable biometric authentication device 100 a, and in operation S114, the portable biometric authentication device 100 a may transmit a second encryption key to the terminal device 200 a. The first encryption key may be used to encrypt biometric information (e.g., a fingerprint image) transmitted by the portable biometric authentication device 100 a to the terminal device 200 a. The second encryption key may be used to encrypt data (e.g., a fingerprint image acquisition request, binary data, magnetic stripe data, etc.) transmitted by the terminal device 200 a to the portable biometric authentication device 100 a. Detailed descriptions regarding reception/transmission of encrypted data will be provided with reference to FIG. 7. The encrypted NFC channel may be formed between the terminal device 200 a and the portable biometric authentication device 100 a through operations, that is, operations S111 to S114.
  • FIG. 7 is a flowchart describing in one example the operations of receiving/transmitting data between the terminal device 200 a and portable biometric authentication device 100 a using an encrypted NFC channel according to an exemplary embodiment. FIG. 7 shows the operation of receiving/transmitting encrypted data by the terminal device 200 a and the portable biometric authentication device 100 a when the encrypted NFC channel is formed. Operations S211 to S213 show the transmission of the data from the terminal device 200 a to the portable biometric authentication device 100 a, and operations S214 to S216 show the transmission of the data from the portable biometric authentication device 100 a to the terminal device 200 a.
  • Referring to FIG. 7, in operation S211, the terminal device 200 a may encrypt the data by using the second encryption key. For example, the encryption processing unit 222 a of the terminal device 200 a may encrypt the data (e.g., a fingerprint image acquisition request, binary data, magnetic stripe data, etc.) by using the second encryption key.
  • In operation S212, the terminal device 200 a may transmit the encrypted data to the portable biometric authentication device 100 a. For example, the NFC controller 221 a of the terminal device 200 a may receive the encrypted data from the encryption processing unit 222 a and may transmit the encrypted data to the portable biometric authentication device 100 a by controlling the NFC antenna 210 a based on the encrypted data.
  • In operation S213, the portable biometric authentication device 100 a may decrypt the encrypted data by using the second encryption key. For example, the NFC controller 131 a of the portable biometric authentication device 100 a may transmit the encrypted data, which is received via the NFC antenna 110 a, to the encryption processing unit 132 a, and the encryption processing unit 132 a may decrypt the encrypted data by using the second encryption key.
  • In operation S214, the portable biometric authentication device 100 a may encrypt the biometric information using the first encryption key. For example, the encryption processing unit 132 a of the portable biometric authentication device 100 a may encrypt the biometric information (e.g., a fingerprint image) using the first encryption key.
  • In operation S215, the portable biometric authentication device 100 a may transmit the encrypted biometric information to the terminal device 200 a. For example, the NFC controller 131 a of the portable biometric authentication device 100 a may receive the encrypted data from the encryption processing unit 132 a and may transmit the encrypted data to the terminal device 200 a by controlling the NFC antenna 110 a based on the encrypted data.
  • In operation S216, the terminal device 200 a may decrypt the encrypted biometric information using the first encryption key. For example, the NFC controller 221 a of the terminal device 200 a may communicate the encrypted biometric information received via the NFC antenna 210 a to the encryption processing unit 222 a, and the encryption processing unit 222 a may decrypt the encrypted biometric information using the first encryption key.
  • FIG. 8 is a flowchart describing in one example the operation S120 of FIG. 5 according to an exemplary embodiment. As described with reference to FIG. 5, in operation S120, the terminal device 200 a and the portable biometric authentication device 100 a may perform the operation of authenticating the portable biometric authentication device 100 a prior to the subsequent authentication of the user in response to user provided biometric information. According to an exemplary embodiment, the operation of authenticating the portable biometric authentication device 100 a may be performed using the encryption processing unit 222 a of the terminal device 200 a in conjunction with the encryption processing unit 132 a of the portable biometric authentication device 100 a.
  • Referring to FIG. 8, in operation S121, the terminal device 200 a may perform an operation of generating first authentication data and a first hash value H1. For example, the encryption processing unit 222 a of the terminal device 200 a may include a first hash function that is defined in advance. The encryption processing unit 222 a may generate the first authentication data and may generate the first hash value H1 corresponding to the first authentication data based on the first hash function. Then, in operation S122, the terminal device 200 a may transmit the first authentication data to the portable biometric authentication device 100 a.
  • In operation S123, the portable biometric authentication device 100 a may generate a first test hash value H1′ regarding the first authentication data. For example, the encryption processing unit 132 a of the portable biometric authentication device 100 a may include a second hash function that is defined in advance and may generate the first test hash value H1′ corresponding to the first authentication data received from the terminal device 200 a. Then, in operation S125, the portable biometric authentication device 100 a may transmit the first test hash value H1′ to the terminal device 200 a.
  • In operation S126, the terminal device 200 a may perform an operation of comparing the first hash value H1 with the first test hash value H1′. When the first hash value H1 is the same as the first test hash value H1′, the terminal device 200 a may determine that authentication of the portable biometric authentication device 100 a is successfully performed in operation S127. That is, if the first hash value H1 corresponding to the first authentication data is the same as the first test hash value H1′ generated by the portable biometric authentication device 100 a based on the first authentication data, then it may be determined that the first and second hash functions are the same, and then the portable biometric authentication device 100 a may be authenticated. On the other hand, if the first hash value H1 is different from the first test hash value H1′, the terminal device 200 a may generate new first authentication data and a new first hash value Hl.
  • FIG. 9 is a flowchart describing in one example the operation S130 of FIG. 5 according to an exemplary embodiment. As described with reference to FIG. 5, in operation S130, the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation authenticating the terminal device 200 a prior to the subsequent authentication of the user. According to an exemplary embodiment, the operation of authenticating the terminal device 200 a may be performed using the encryption processing unit 222 a of the terminal device 200 a in conjunction with the encryption processing unit 132 a of the portable biometric authentication device 100 a.
  • Referring to FIG. 9, in operation S131, the terminal device 200 a may request the portable biometric authentication device 100 a to transmit second authentication data. For example, the NFC controller 221 a of the terminal device 200 a may control the NFC antenna 210 a in response to the second authentication data request of the encryption processing unit 222 a and thus may transmit a second authentication data request to the portable biometric authentication device 100 a.
  • In operation S132, the portable biometric authentication device 100 a may generate the second authentication data and a second hash value H2. For example, the encryption processing unit 132 a of the portable biometric authentication device 100 a may include a third hash function that is defined in advance. The encryption processing unit 132 a may generate the second authentication data in response to the second authentication data request and may generate the second hash value H2 based on the third hash function. Then, in operation S113, the portable biometric authentication device 100 a may transmit the second authentication data to the terminal device 200 a.
  • In operation S134, the terminal device 200 a may generate a second test hash value H2′ regarding the second authentication data. For example, the encryption processing unit 222 a of the terminal device 200 a may include a fourth hash function that is defined in advance and may generate the second test hash value H2′ corresponding to the second authentication data received from the portable biometric authentication device 100 a. Then, in operation S135, the terminal device 200 a may transmit the second test hash value H2′ to the portable biometric authentication device 100 a.
  • In operation S136, the portable biometric authentication device 100 a may perform an operation of comparing the second hash value H2 with the second test hash value H2′. When the second hash value H2 is the same as the second test hash value H2′, the portable biometric authentication device 100 a may transmit an authentication result to the terminal device 200 a in operation S137 and may determine that the authentication of the terminal device 200 a is successfully performed in operation S128. That is, if the second hash value H2 corresponding to the second authentication data is the same as the second test hash value H2′ generated by the terminal device 200 a based on the second authentication data, then it may be determined that the third hash function is the same as the fourth hash function, and then the terminal device 200 a may be authenticated. If the authentication of the terminal device 200 a is successfully performed, the portable biometric authentication device 100 a may perform a subsequent operation, for example, operation S140 of FIG. 5. On the other hand, if the second hash value H2 is different from the second test hash value H2′, the portable biometric authentication device 100 a may generate new second authentication data and a new second hash value H2.
  • FIG. 10 is a block diagram of a portable biometric authentication device 100 b according to another embodiment of the inventive concept. The portable biometric authentication device 100 b may update software or a program based on data received from a terminal device (e.g., a terminal device 200 b of FIG. 11) using NFC.
  • Referring to FIG. 10, the portable biometric authentication device 100 b may include a NFC antenna 110 b, a power supply circuit 120 b, a control subsystem 130 b, a sensor subsystem 140 b, and a non-volatile memory device 150 b. The NFC antenna 110 b, the power supply circuit 120 b, and the sensor subsystem 140 b may perform the same or similar functions as or to the NFC antenna 110 a, the power supply circuit 120 a, and the sensor subsystem 140 a of FIG. 3.
  • The non-volatile memory device 150 b may retain stored data even in the absence of applied power. The non-volatile memory device 150 b may include an Electrically Erasable Programmable Read-Only Memory (EEPROM), flash memory, Phase Change Random Access Memory (PRAM), Resistance Random Access Memory (RRAM), Nano Floating Gate Memory (NFGM), Polymer Random Access Memory (PoRAM), Magnetic Random Access Memory (MRAM), Ferroelectric Random Access Memory (FRAM), or the like, but the non-volatile memory device 150 b is not limited thereto.
  • The non-volatile memory device 150 b may receive a third power voltage VDD_M from the power supply circuit 120 b and may store, in a non-volatile manner, a program or a parameter that defines operations of the control subsystem 130 b and/or the sensor subsystem 140 b. For example, the NFC controller 131 b and/or a fingerprint sensor 141 b may operate based on the program or parameter stored in the non-volatile memory device 150 b. The data stored in the non-volatile memory device 150 b may be updated as data received via NFC, and accordingly, the operations of the control subsystem 130 b and/or the sensor subsystem 140 b may change. That is, software of the portable biometric authentication device 100 b may be updated. Detailed descriptions regarding the update of the software of the portable biometric authentication device 100 b will be provided below with reference to FIG. 11.
  • Although FIG. 10 shows that the portable biometric authentication device 100 b includes one non-volatile memory device 150 b, but the inventive concept is not limited thereto. That is, according to an exemplary embodiment, the portable biometric authentication device 100 b may include two or more non-volatile memory devices to which power is applied by the power supply circuit 120 b respectively, and the control subsystem 130 b and the sensor subsystem 140 b may respectively access different non-volatile memory devices. Also, each of the non-volatile memory devices may be updated as the data is received using NFC.
  • FIG. 11 is a flowchart describing one possible operation of updating the software of the portable biometric authentication device 100 b of FIG. 10 according to an exemplary embodiment.
  • In operation S300, the terminal device 200 b may check whether a software (SW) update request is received. For example, the SW update request may be input to the terminal device 200 b from the user or may be transmitted from a update program.
  • In operation S310, the terminal device 200 b may transmit the SW update request and binary data to the portable biometric authentication device 100 b. The binary data may correspond to a program or a parameter that defines the operations of the control subsystem 130 b and/or the sensor subsystem 140 b.
  • In operation S320, in the portable biometric authentication device 100 b, an operation of writing the binary data to the non-volatile memory device 150 b may be performed. For example, the NFC controller 131 b may control the operation of writing the binary data to the non-volatile memory device 150 b in response to a SW update request, and thus, the operations of the control subsystem 130 b and/or the sensor subsystem 140 b may change.
  • In operation S330, the portable biometric authentication device 100 b may transmit a SW update result to the terminal device 200 b. For example, the portable biometric authentication device 100 b may transmit, to the terminal device 200 b, a size of the data written to the non-volatile memory device 150 b, a time taken to perform the operation of writing the data, information about errors that occur during the operation of writing the data, or the like.
  • FIG. 12 is a block diagram illustrating a portable biometric authentication device 100 c and a terminal device 200 c according to still another embodiment of the inventive concept. The portable biometric authentication device 100 c may be used as a payment medium by transmitting a magnetic pulse to a card terminal based on magnetic stripe data received from the terminal device 200 c, that is, by supporting magnetic stripe transmission (MST).
  • As shown in FIG. 12, the portable biometric authentication device 100 c may include a NFC antenna 110 c, a power supply circuit 120 c, a control subsystem 130 c, a sensor subsystem 140 c, and an inductor 160 c. The NFC antenna 110 c, the power supply circuit 120 c, the control subsystem 130 c, and the sensor subsystem 140 c of the portable biometric authentication device 100 c may perform the same or similar functions as or to their corresponding components of the portable biometric authentication device 100 of FIG. 1. Also, the terminal device 200 c may include a NFC antenna 210 c, a NFC subsystem 220 c, and a personal authentication unit 230 c. The NFC antenna 210 c, the NFC subsystem 220 c, and the personal authentication unit 230 c of the terminal device 200 c may perform the same or similar functions as or to their corresponding components of the terminal device 200 of FIG. 1.
  • Referring to FIG. 12, the personal authentication unit 230 c of the terminal device 200 c may provide magnetic stripe data MSD to the NFC subsystem 220 c. The magnetic stripe data (MSD) is information that is stored by spreading a magnetic substance on a credit card, etc. and may include payment information. When the personal authentication succeeds by using a personal authentication method according to any one of embodiments of the inventive concept, the personal authentication unit 230 c may provide the magnetic stripe data to the NFC subsystem 220 c in order to transmit the magnetic stripe data to the portable biometric authentication device 100 c.
  • Referring to FIG. 12, the portable biometric authentication device 100 c (e.g., the control subsystem 130 c) may include the NFC controller 131 c and an inductor driver 133 c. The NFC controller 131 c may receive the magnetic stripe data MSD from the terminal device 200 c via the NFC antenna 110 c and may provide the magnetic stripe data MSD to the inductor driver 133 c. The inductor driver 133 c may generate a signal transmitted to the inductor 160 c in such a manner that the inductor 160 c generates a magnetic flux to the outside of the portable biometric authentication device 100 c based on the magnetic stripe data MSD. The magnetic stripe data MSD may be transmitted to a card terminal through the magnetic flux or a magnetic pulse generated by the inductor 160 c. The portable biometric authentication device 100 c may improve payment convenience by supporting the MST and the personal authentication using the biometric information.
  • FIG. 13 is a flowchart describing in one example the operations performed between the portable biometric authentication device 100 c and the terminal device 200 c of FIG. 12 according to an exemplary embodiment. That is, FIG. 13 shows an operation of performing, by the portable biometric authentication device 100 c and the terminal device 200 c of FIG. 12, the MST as an example of a security function performed in operation S200 of FIG. 5.
  • Referring to FIG. 13, the terminal device 200 c may request disablement of a fingerprint sensor 141 c in operation S201. Then, in operation S202, the fingerprint sensor 141 c of the portable biometric authentication device 100 c may be disabled. That is, in the portable biometric authentication device 100 c to which power is provided from the terminal device 200 c via the NFC, the fingerprint sensor 141 c (or the sensor subsystem 140 c) is disabled to drive the inductor 160 c while the MST is being performed, and thus power provided to the fingerprint sensor 141 c may be blocked.
  • In operation S203, the terminal device 200 c may transmit the magnetic stripe data to the portable biometric authentication device 100 c. The magnetic stripe data may be encrypted, and the encrypted magnetic stripe data may be transmitted to the portable biometric authentication device 100 c using NFC.
  • In operation S204, an operation of operating the inductor 160 c may be performed to generate the magnetic pulse in the portable biometric authentication device 100 c. For example, the NFC controller 131 c may provide the magnetic stripe data received from the terminal device 200 c to the inductor driver 133 c, and the inductor driver 133 c may drive the inductor 160 c based on the magnetic stripe data. Accordingly, the inductor 160 c may generate a magnetic pulse corresponding to the magnetic stripe data.
  • In operation S205, the terminal device 200 c may receive a payment result via a communication network. For example, the terminal device 200 c may be a mobile phone that communicates with a bank server via a wireless communication network and may receive the payment result, which is produced by transmission of the magnetic stripe that is performed in operations S201 to S204, from the bank server.
  • FIG. 14 is a block diagram illustrating in one example a terminal device 200 d according to an exemplary embodiment. As shown in FIG. 14, a NFC subsystem 220 d may include a NFC controller 221 d and an encryption processing unit 222 d. The NFC controller 221 d and the encryption processing unit 222 d may perform the same or similar functions as or to the NFC controller 221 a and the encryption processing unit 222 a of FIG. 4.
  • Referring to FIG. 14, the terminal device 200 d may include a processor 230 d. The processor 230 d may be a multi-core processor including two or more cores for independently executing instructions. The processor 230 d may execute an operating system that provides a kernel space and a user space. For example, as shown in FIG. 14, the processor 230 d may execute a NFC driver 231 d in the kernel space and may execute a NFC framework 232 d, a fingerprint framework 233 d, and a user application 234 d in the user space. The framework (e.g., the NFC framework 232 d or the fingerprint framework 233 d) may provide generic functionality to the user space, and the user application 234 d may be efficiently designed based on the NFC framework 232 d or the fingerprint framework 233 d.
  • Methods of operating a terminal device according to the above-described embodiments may be performed by the processor 230 d. For example, operations, for example, payment, banking, etc., which require personal authentication may be implemented by the user application 234 d. Through the fingerprint framework 233 d, the user application 234 d may request personal authentication using fingerprints when a security function is performed. The fingerprint framework 233 d may perform at least one of operations S100 to S200 of FIG. 5 by communicating with a portable biometric authentication device (e.g., the portable biometric authentication device 100 of FIG. 1) through the NFC framework 232 d. The NFC framework 232 d may provide an interface for the NFC to the user application 234 d and the fingerprint framework 233 d, and the NFC driver 231 d may provide the NFC framework 232 d with an interface regarding the NFC subsystem 220 d that is an independent hardware device.
  • FIG. 15 is a block diagram illustrating a computing system 400 and a portable biometric authentication device 300 according to an exemplary embodiment. According to an exemplary embodiment, the portable biometric authentication device 300 may communicate with the computing system 400 using NFC.
  • Referring to FIG. 15, the computing system 400 may include a central processing unit 410, a memory subsystem 420, a user interface 430, and a NFC subsystem 440. The central processing unit 410, the memory subsystem 420, the user interface 430, and the NFC subsystem 440 may communicate with each other via a bus 450. Although not shown in FIG. 15, the computing system 400 may communicate with a video card, a sound card, a memory card, a USB device, or the like or may further include a port communicating with other devices.
  • The central processing unit 410 may perform certain calculations or certain tasks. The central processing unit 410 may access the memory subsystem 420 via the bus 450 and may execute multiple instructions stored in the memory subsystem 420. According to an exemplary embodiment, the central processing unit 410 may perform the operations of the personal authentication unit or the operations of the processor 230 d of FIG. 14.
  • The memory subsystem 420 may include one or more memory devices and memory controllers. In an exemplary embodiment, the memory subsystem 420 may include volatile memory device, and the volatile memory device may function as a cache memory. For example, the memory subsystem 420 is a volatile memory device and may include Dynamic Random Access Memory (DRAM), Static Random Access Memory (SRAM), mobile DRAM, Double Data Rate Synchronous Dynamic Random Access Memory (DDR SDRAM), Low Power DDR (LPDDR) SDRAM, Graphic DDR (GDDR) SDRAM, Rambus Dynamic Random Access Memory (RDRAM), or the like.
  • The memory subsystem 420 may be a non-volatile memory device, and the non-volatile memory device may store instructions that form a program executed in the central processing unit 410. For example, the memory subsystem 420 may be a non-volatile memory device and may include Electrically Erasable Programmable Read-Only Memory (EEPROM), flash memory, PRAM, RRAM, NFGM, PoRAM, MRAM, FRAM, or the like.
  • The user interface 430 may include an input device such as a keyboard, a keypad, a mouse, or the like in order to receive an input signal from the user and may include an output device such as a printer, a display device, or the like in order to provide an output signal to the user.
  • The NFC subsystem 440 may perform NFC with electronic devices that include the portable biometric authentication device 300 and support the NFC. According to an exemplary embodiment, the NFC subsystem 440 may control transmission of binary data, authentication data, an encryption key, magnetic stripe data, or the like to the portable biometric authentication device 300 via a NFC antenna. Also, the NFC subsystem 440 may control reception of a fingerprint image, the authentication data, the encryption key, or the like from the portable biometric authentication device 300 via the NFC antenna.
  • Referring to FIG. 15, the portable biometric authentication device 300 may include a power supply circuit 320, a control subsystem 330, and a sensor subsystem 340, and the power supply circuit 320, the control subsystem 330, and the sensor subsystem 340 may each perform operations according to exemplary embodiments. For example, the power supply circuit 320 may generate power based on the electromagnetic field induced from the electromagnetic field generated by the computing system 400 and may respectively provide the generated power to the control subsystem 330 and the sensor subsystem 340.
  • FIG. 16 is a conceptual diagram of a card 500 according to an exemplary embodiment. A portable biometric authentication device may be embodied as the card 500 due to a simple structure and a small form factor. That is, as shown in FIG. 16, the card 500 may include a NFC antenna 510 and a fingerprint sensor 520.
  • The card 500 may be used as an independent payment medium such as a credit card, a debit card, etc. or may be used as a personal authentication device using the NFC and the fingerprint image.
  • While the inventive concept has been particularly shown and described with reference to embodiments thereof, it will be understood that various changes in form and details may be made therein without departing from the scope of the following claims.

Claims (7)

What is claimed is:
1. A portable biometric authentication device that communicates with a terminal device using near field communication (NFC), the portable biometric authentication device comprising:
a NFC antenna;
a power supply circuit that generates at least one power voltage in response to an electromagnetic field generated by the terminal device and received via the NFC antenna;
a sensor subsystem that operates in response to the at least one power voltage and includes a biometric sensor that acquires biometric information from a user; and
a control subsystem that operates in response to the at least one power voltage and includes a NFC controller that controls the communication of the biometric information to the terminal device using the NFC antenna.
2. The portable biometric authentication device of claim 1, wherein the at least one power voltage includes a first power voltage provided to the sensor subsystem and a second power voltage, different from the first power voltage, provided to the control subsystem.
3. The portable biometric authentication device of claim 1, wherein the biometric sensor comprises a fingerprint sensor that acquires a fingerprint image from the user and generates the biometric information from the fingerprint image.
4. The portable biometric authentication device of claim 3, wherein the sensor subsystem further comprises a biometric information compressing unit that compresses the fingerprint image to generate the biometric information.
5. The portable biometric authentication device of claim 3, wherein the control subsystem comprises an encryption processing unit that encrypts the biometric information before the biometric information is communicated to the terminal device.
6. The portable biometric authentication device of claim 5, wherein the portable biometric authentication device is implemented in a mobile phone case having a first surface configured to receive a mobile phone and an opposing second surface externally exposing the fingerprint sensor and NFC antenna.
7. The portable biometric authentication device of claim 1, further comprising:
an inductor that generates a magnetic flux external to the portable biometric authentication device,
wherein the NFC controller controls the communication of magnetic stripe data received from the terminal device, and
the control subsystem further comprises an inductor driver that drives the inductor based on the magnetic stripe data in such a manner that the inductor generates a magnetic pulse.
US16/547,388 2015-10-29 2019-08-21 Portable biometric authentication device and terminal device using near field communication Abandoned US20190379659A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US16/547,388 US20190379659A1 (en) 2015-10-29 2019-08-21 Portable biometric authentication device and terminal device using near field communication

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR10-2015-0151099 2015-10-29
KR1020150151099A KR102461325B1 (en) 2015-10-29 2015-10-29 Portable biometric authentication device and terminal device using near field communication
US15/333,343 US10404695B2 (en) 2015-10-29 2016-10-25 Portable biometric authentication device and terminal device using near field communication
US16/547,388 US20190379659A1 (en) 2015-10-29 2019-08-21 Portable biometric authentication device and terminal device using near field communication

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US15/333,343 Division US10404695B2 (en) 2015-10-29 2016-10-25 Portable biometric authentication device and terminal device using near field communication

Publications (1)

Publication Number Publication Date
US20190379659A1 true US20190379659A1 (en) 2019-12-12

Family

ID=58635092

Family Applications (2)

Application Number Title Priority Date Filing Date
US15/333,343 Active 2037-02-21 US10404695B2 (en) 2015-10-29 2016-10-25 Portable biometric authentication device and terminal device using near field communication
US16/547,388 Abandoned US20190379659A1 (en) 2015-10-29 2019-08-21 Portable biometric authentication device and terminal device using near field communication

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US15/333,343 Active 2037-02-21 US10404695B2 (en) 2015-10-29 2016-10-25 Portable biometric authentication device and terminal device using near field communication

Country Status (2)

Country Link
US (2) US10404695B2 (en)
KR (1) KR102461325B1 (en)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10467402B2 (en) * 2016-08-23 2019-11-05 Lenovo (Singapore) Pte. Ltd. Systems and methods for authentication based on electrical characteristic information
SE1750836A1 (en) * 2017-06-28 2018-12-29 Fingerprint Cards Ab Fingerprint sensor module comprising antenna and method for manufacturing a fingerprint sensor module
US10186749B1 (en) 2017-09-18 2019-01-22 Qualcomm Incorporated Systems and methods for a remote near field communication antenna unit
SG11202004111RA (en) 2017-11-06 2020-06-29 Visa Int Service Ass Biometric sensor on portable device
SE1751451A1 (en) * 2017-11-24 2019-05-25 Fingerprint Cards Ab Biometric template handling
US11138333B2 (en) 2018-03-07 2021-10-05 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US11210375B2 (en) 2018-03-07 2021-12-28 Private Identity Llc Systems and methods for biometric processing with liveness
US11170084B2 (en) * 2018-06-28 2021-11-09 Private Identity Llc Biometric authentication
US10721070B2 (en) 2018-03-07 2020-07-21 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US11502841B2 (en) 2018-03-07 2022-11-15 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US10938852B1 (en) 2020-08-14 2021-03-02 Private Identity Llc Systems and methods for private authentication with helper networks
US11789699B2 (en) 2018-03-07 2023-10-17 Private Identity Llc Systems and methods for private authentication with helper networks
US11489866B2 (en) 2018-03-07 2022-11-01 Private Identity Llc Systems and methods for private authentication with helper networks
US11394552B2 (en) 2018-03-07 2022-07-19 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US11265168B2 (en) 2018-03-07 2022-03-01 Private Identity Llc Systems and methods for privacy-enabled biometric processing
US11392802B2 (en) 2018-03-07 2022-07-19 Private Identity Llc Systems and methods for privacy-enabled biometric processing
KR20190109104A (en) * 2018-03-16 2019-09-25 주식회사 시솔지주 Non power finger scan card and operating method of the same
KR102579881B1 (en) * 2018-03-27 2023-09-18 삼성전자주식회사 A near field communication integrated circuit and wireless communication device including the same
US20210224403A1 (en) * 2018-06-18 2021-07-22 Koninklijke Philips N.V. Secure remote image analysis based on randomized data transformation
KR102507519B1 (en) * 2018-08-20 2023-03-08 삼성전자주식회사 Electronic device for controlling specified functions based on electromagnetic signal detection and method thereof
KR102455588B1 (en) * 2018-12-06 2022-10-14 동우 화인켐 주식회사 Antenna structure and display device including the same
KR102214358B1 (en) * 2019-06-14 2021-02-09 주식회사 루프 Data input and output structure in differential signal lines having signal extracting unit
GB2588661B (en) * 2019-10-31 2023-11-22 Zwipe As Biometrically protected device
US11467848B2 (en) * 2020-05-07 2022-10-11 Capital One Services, Llc Portable operating system and portable user data
US20220303131A1 (en) * 2021-03-17 2022-09-22 Apple Inc. Split processing of biometric data
US20230169596A1 (en) * 2021-11-30 2023-06-01 Capital One Services, Llc Systems and techniques for authenticating insurance claims

Family Cites Families (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2003255949A1 (en) 2002-07-09 2004-01-23 Neology, Inc. System and method for providing secure identification solutions
JP2005346606A (en) 2004-06-07 2005-12-15 Matsushita Electric Ind Co Ltd Electronic settlement system using mobile telephone
JP2006060392A (en) 2004-08-18 2006-03-02 Nec Corp Unauthorized-use preventive system and identification method for information terminal device
JP4736744B2 (en) * 2005-11-24 2011-07-27 株式会社日立製作所 Processing device, auxiliary information generation device, terminal device, authentication device, and biometric authentication system
US20070131759A1 (en) 2005-12-14 2007-06-14 Cox Mark A Smartcard and magnetic stripe emulator with biometric authentication
US8395478B2 (en) 2006-10-30 2013-03-12 Broadcom Corporation Secure profile setting in a shared device
US9237018B2 (en) * 2007-07-05 2016-01-12 Honeywell International Inc. Multisystem biometric token
US20090144456A1 (en) * 2007-11-30 2009-06-04 Alexander David Gelf Interface Device for Securely Extending Computer Functionality
KR100946989B1 (en) 2007-12-28 2010-03-15 전자부품연구원 Apparatus and method for wireless sensing
US8814052B2 (en) * 2008-08-20 2014-08-26 X-Card Holdings, Llc Secure smart card system
KR101047906B1 (en) 2008-09-09 2011-07-08 전자부품연구원 Operating System and Method of RF Card Using Fingerprint Sensor
JP5969209B2 (en) * 2008-12-15 2016-08-17 カードラボ エーピーエスCardlab Aps RFID tag
JP2011048523A (en) 2009-08-26 2011-03-10 Kyocera Corp Portable radio terminal
KR101574968B1 (en) 2010-11-01 2015-12-08 한국전자통신연구원 Portable sensor apparatus, and service system based on biometric Authentication including the same
US8762742B2 (en) * 2011-05-16 2014-06-24 Broadcom Corporation Security architecture for using host memory in the design of a secure element
EP2525298B1 (en) 2011-05-17 2016-07-13 Nxp B.V. Authentication method
US9204298B2 (en) * 2011-09-13 2015-12-01 Bank Of America Corporation Multilevel authentication
US20130090942A1 (en) * 2011-10-11 2013-04-11 Safe-Link, Llc Sytem and method for preventing healthcare fraud
US8494838B2 (en) * 2011-11-10 2013-07-23 Globili Llc Systems, methods and apparatus for dynamic content management and delivery
US9740342B2 (en) * 2011-12-23 2017-08-22 Cirque Corporation Method for preventing interference of contactless card reader and touch functions when they are physically and logically bound together for improved authentication security
US20130254117A1 (en) * 2011-12-30 2013-09-26 Clay W. von Mueller Secured transaction system and method
US9633247B2 (en) 2012-03-01 2017-04-25 Apple Inc. Electronic device with shared near field communications and sensor structures
US20150127553A1 (en) 2012-06-06 2015-05-07 Mohan Sundaram Intelligent payment card and a method for performing secure transactions using the payment card
US9436940B2 (en) * 2012-07-09 2016-09-06 Maxim Integrated Products, Inc. Embedded secure element for authentication, storage and transaction within a mobile terminal
US9223942B2 (en) 2013-10-31 2015-12-29 Sony Corporation Automatically presenting rights protected content on previously unauthorized device
US10121144B2 (en) 2013-11-04 2018-11-06 Apple Inc. Using biometric authentication for NFC-based payments
US9153998B2 (en) * 2013-12-02 2015-10-06 Qualcomm Incorporated Wireless power orthogonal polarization antenna array
FR3025388B1 (en) * 2014-09-01 2019-08-23 Lg Electronics Inc. PORTABLE TERMINAL ON SELF
US10162347B2 (en) * 2015-04-20 2018-12-25 Lg Electronics Inc. Mobile terminal and method for controlling the same

Also Published As

Publication number Publication date
US10404695B2 (en) 2019-09-03
KR102461325B1 (en) 2022-10-31
US20170126672A1 (en) 2017-05-04
KR20170050055A (en) 2017-05-11

Similar Documents

Publication Publication Date Title
US10404695B2 (en) Portable biometric authentication device and terminal device using near field communication
JP5920747B1 (en) Application programs and cards
KR102204247B1 (en) Apparatus and Method for processing biometric information in a electronic device
KR101830952B1 (en) Using biometric authentication for nfc-based payments
US10194318B2 (en) Systems and methods for NFC access control in a secure element centric NFC architecture
KR101971329B1 (en) Provisioning and authenticating credentials on an electronic device
US20210044575A1 (en) Electronic device and method for generating attestation certificate based on fused key
EP3709205B1 (en) Electronic device including secure integrated circuit
US11416598B2 (en) Authentication and generation of information for authentication
EP3648038A1 (en) Writing and payment method, apparatus and device for nfc portable device
US9563773B2 (en) Systems and methods for securing BIOS variables
US20210026983A1 (en) Electronic device and method for protecting personal information using secure switch
WO2016019206A1 (en) Smart card reader with public key index on host device
KR102071438B1 (en) Payment authentication method and apparatus of mobile terminal and mobile terminal
WO2017076270A1 (en) Smart card having function of one time password (otp), and work method therefor
US20170277879A1 (en) Ic card, ic module, and ic card system
KR102650721B1 (en) Electronic device and method for processing remote payment
CN105184564B (en) Card-free payment method and system
JP2015060407A (en) Ic card, portable terminal, and ic card processing system
US9113329B2 (en) Mobile device learning mode for secure identification
EP4345664A1 (en) Electronic device for protecting bio-information of user
US20230359530A1 (en) Electronic device for supporting data backup, and operation method thereof
US20220103350A1 (en) Electronic device for selecting key to be used for encryption on basis of amount of information of data to be encrypted, and operation method of electronic device
CN117957538A (en) Electronic device for protecting biological information of user
KR20210010593A (en) Apparatus and Method for processing biometric information in a electronic device

Legal Events

Date Code Title Description
STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: ADVISORY ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION