US20190379659A1 - Portable biometric authentication device and terminal device using near field communication - Google Patents
Portable biometric authentication device and terminal device using near field communication Download PDFInfo
- Publication number
- US20190379659A1 US20190379659A1 US16/547,388 US201916547388A US2019379659A1 US 20190379659 A1 US20190379659 A1 US 20190379659A1 US 201916547388 A US201916547388 A US 201916547388A US 2019379659 A1 US2019379659 A1 US 2019379659A1
- Authority
- US
- United States
- Prior art keywords
- biometric authentication
- authentication device
- terminal device
- portable biometric
- nfc
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0492—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/03—Arrangements for converting the position or the displacement of a member into a coded form
- G06F3/033—Pointing devices displaced or positioned by the user, e.g. mice, trackballs, pens or joysticks; Accessories therefor
- G06F3/0354—Pointing devices displaced or positioned by the user, e.g. mice, trackballs, pens or joysticks; Accessories therefor with detection of 2D relative movements between the device, or an operating part thereof, and a plane or surface, e.g. 2D mice, trackballs, pens or pucks
- G06F3/03547—Touch pads, in which fingers can move on a surface
Definitions
- the inventive concept relates to a portable biometric authentication device and a terminal device. More particularly, the inventive concept relates to a portable biometric authentication device and a terminal device capable of communicating using near field communication (NFC).
- NFC near field communication
- Biometric authentication is usually based on one or more types of biometric information (e.g., a fingerprint, an iris, a finger vein, voice, etc.) provided by a user.
- biometric information e.g., a fingerprint, an iris, a finger vein, voice, etc.
- Biometric authentication is very convenient, since it frees the user for such requirements as carrying various card(s) and key(s) or memorizing passwords.
- biometric information is difficult to counterfeit or falsify, thereby making biometric authentication highly secure.
- Different forms of biometric information may be readily acquired using one or more biometric sensor(s) provided by an electronic device, such as a mobile phone.
- biometric sensor(s) provided by an electronic device, such as a mobile phone.
- many electronic devices either do not include biometric sensor(s) or are not physically, commercially and/or functionally susceptible to the incorporation of biometric sensor(s). Such electronic devices are not able to provide biometric authentication.
- the inventive concept relates to a portable biometric authentication device and a terminal device and provides a portable biometric authentication device for providing biometric information via near field communication (NFC) and a terminal device for providing power to the portable biometric authentication device via the NFC.
- NFC near field communication
- a portable biometric authentication device that communicates with a terminal device using near field communication (NFC).
- the portable biometric authentication device includes; a NFC antenna, a power supply circuit that generates at least one power voltage in response to an electromagnetic field generated by the terminal device and received via the NFC antenna, a sensor subsystem that operates in response to the at least one power voltage and includes a biometric sensor that acquires biometric information from a user, and a control subsystem that operates in response to the at least one power voltage and includes a NFC controller that controls the communication of the biometric information to the terminal device using the NFC antenna.
- a terminal device configured to communicate with a portable biometric authentication device using near field communication (NFC).
- the terminal device includes a first NFC antenna, a NFC subsystem configured to generate an electromagnetic field using the first NFC antenna, such that the portable biometric authentication device operates in response to at least one power voltage generated by the portable biometric authentication device in response to an electrical current induced in a second NFC antenna of the portable biometric authentication device by the electromagnetic field, and a personal authentication unit configured to perform personal authentication for a user of the portable biometric authentication in response to biometric information provided by the user to the portable biometric authentication device.
- NFC near field communication
- a method of operating a system including a terminal device using near field communication (NFC) to communicate with a portable biometric authentication device.
- the method includes; powering operation of the portable biometric authentication device solely from an electromagnetic field generated by the terminal device, generating a request for biometric information of a user of the portable biometric authentication device in the terminal device, generating first biometric information from a fingerprint image provided by the user to a fingerprint sensor disposed in the portable biometric authentication device, communicating the first biometric information from the portable biometric authentication device to the terminal device using the NFC, and performing personal authentication of the user in the terminal device in response to the first biometric information.
- NFC near field communication
- FIG. 1 is a block diagram of a portable biometric authentication device and a terminal device according to an exemplary embodiment
- FIG. 2 is diagrams of respective examples of the portable biometric authentication device and the terminal device of FIG. 1 according to an exemplary embodiment
- FIG. 3 is a block diagram of a portable biometric authentication device according to an exemplary embodiment
- FIG. 4 is a block diagram of a terminal device according to an exemplary embodiment
- FIG. 5 is a flowchart of operations performed between the portable biometric authentication device and the terminal device of FIGS. 3 and 4 , according to an exemplary embodiment
- FIG. 6 is a flowchart of an example of operation S 110 of FIG. 5 , according to an exemplary embodiment
- FIG. 7 is a flowchart of an operation of receiving/transmitting data by a terminal device and a portable biometric authentication device in an encrypted near field communication (NFC) channel, according to an exemplary embodiment
- FIG. 8 is a flowchart of an example of operation S 120 of FIG. 5 according to an exemplary embodiment
- FIG. 9 is a flowchart of an example of operation S 130 of FIG. 5 according to an exemplary embodiment
- FIG. 10 is a block diagram of a portable biometric authentication device according to an exemplary embodiment
- FIG. 11 is an operation of updating software by the portable biometric authentication device of FIG. 10 , according to an exemplary embodiment
- FIG. 12 is a block diagram of a portable biometric authentication device and a terminal device according to an exemplary embodiment
- FIG. 13 is a flowchart of operations performed between the portable biometric authentication device and the terminal device of FIG. 12 , according to an exemplary embodiment
- FIG. 14 is a block diagram of a terminal device according to an exemplary embodiment
- FIG. 15 is a block diagram of a computing system and a portable biometric authentication device according to an exemplary embodiment.
- FIG. 16 is a diagram of a card according to an exemplary embodiment.
- NFC near field communication
- Various approaches to NFC establish a set of corresponding communication protocols that enable one-way or two-way communication (i.e., transmission and/or reception) of signal(s) between multiple electronic devices.
- a first electronic device generates an electromagnetic field
- a second electronic devices comes into proximity with the electromagnetic field, an electrical signal is induced such that information may be wirelessly communicated between the first electronic device and second electronic device.
- NFC information may be wirelessly communicated across a distance of up to about 10 cm.
- Data communicated using NFC may be used by a user of an electronic device to make a payment, access an account, gain access to a product or place, etc.
- the International Organization for Standards (ISO) and International Electro-technical Commission (IEC) ISO/IEC 21481 specifies a communication protocol, a data exchange format, signal frequencies and bandwidths (e.g., 13.56 MHz), etc., enabling NFC between electronic devices.
- NFC may be used to communicate not only information or data bearing signal(s), but also power signal(s). That is, a first electronic device (the “initiator”) may generate an electromagnetic field, and a second electronic device (the “target”) may extract power from the electromagnetic field generated by the initiator device sufficient to operate the target device. For example, some target devices may extract an electrical current of up to about 50 mA from an electromagnetic field generated by an initiator device.
- FIG. 1 is a block diagram of a portable biometric authentication device 100 and a terminal device 200 according to an embodiment of the inventive concept.
- the portable biometric authentication device 100 and terminal device 200 communication information using NFC.
- the portable biometric authentication device 100 may be used to acquire biometric information associated with a user and provide the acquired biometric information to the terminal device 200 .
- the terminal device 200 may then perform personal authentication using (or based on) the provided biometric information.
- the terminal device 200 may provide power to the portable biometric authentication device 100 using NFC, such that the portable biometric authentication device 100 may acquire biometric information, communicate acquired biometric information to the terminal device 200 , or perform some other function.
- the portable biometric authentication device 100 may include a NFC antenna 110 , a power supply circuit 120 , a control subsystem 130 , and a sensor subsystem 140 .
- the NFC antenna 110 may be used to (1) generate an electromagnetic field according to signals received from the control subsystem 130 (e.g., a NFC controller 131 in the control subsystem 130 ) and (2) receive an electromagnetic field generated by the terminal device 200 and provide one or more corresponding electrical signals induced in the NFC antenna 110 by the received electromagnetic field.
- the NFC antenna 110 may be an antenna module including passive elements where the nature and arrangement of the passive elements may be determined by one or more resonance frequencies defined by an appropriate NFC protocol governing the operation of the terminal device 200 and/or portable biometric authentication device 100 .
- the power supply circuit 120 may be connected to the NFC antenna 110 and may generate one or more power signals from the electrical signal(s) induced by an electromagnetic field proximate to the NFC antenna 110 .
- the power supply circuit 120 may extract an electrical current induced in the NFC 110 by the electromagnetic field and generate at least one power voltage based on the extracted electrical current.
- the power supply circuit 120 is assumed to provide a first power voltage VDD_C to the control subsystem 130 and a second power voltage VDD_S to the sensor subsystem 140 .
- the control subsystem 130 and the sensor subsystem 140 may respectively operate in response to the first and second power voltages VDD_C and VDD_S provided by the power supply circuit 120 .
- FIG. 1 shows different power voltages being provided to the control subsystem 130 and sensor subsystem 140 from the power supply circuit 120 .
- identical power voltage(s) may be provided by the power supply circuit 120 to the control subsystem 130 and sensor subsystem 140 .
- control subsystem 130 of FIG. 1 is assumed to include the NFC controller 131 , where the NFC controller 131 may be used in the portable biometric authentication device 100 to control the communication of data via the NFC antenna 110 .
- the NFC controller 131 may be used to control the reception of a biometric information request received from the terminal device 200 and/or the transmission of (first) biometric information INFO_ 1 provided by the sensor subsystem 140 to the terminal device 200 in response to the biometric information request.
- the NFC controller 131 is assumed to operate in response to the first power voltage VDD_C provided by the power supply circuit 120 .
- the sensor subsystem 140 may include a biometric sensor 141 that is capable of providing the first biometric information INO_ 1 to the control subsystem 130 .
- the biometric sensor 141 may acquire the biometric information from the user (e.g., a fingerprint image, an iris image, a finger vein pattern, voice pattern, or the like) and then convert the biometric information into corresponding electrical signal(s).
- the biometric sensor 141 is assumed to operate in response to the second power voltage VDD_S provided by the power supply circuit 120 .
- the control subsystem 130 and sensor subsystem 140 included in the portable biometric authentication device 100 may be operated using one or more power signals (e.g., power voltages) generated by the power supply circuit 120 in response to at least one electrical signal induced in the NFC antenna 110 by an electromagnetic field generated by the terminal device 200 .
- the portable biometric authentication device 100 need not include a battery or equivalent internal power source, yet need not be externally connected to a power terminal in order to operate.
- This feature allows the portable biometric authentication device 100 to be relatively simple in its design and structure. Further it may be provided (e.g., manufactured, fabricated and/or physically provisioned) with a relatively small form factor.
- the term “small” refers to one or more physical dimensions (e.g., height, width, length, thickness, area, volume, etc.) of the portable biometric authentication device 100 .
- the portable biometric authentication device 100 may be provided in a variety of user-friendly forms.
- the portable biometric authentication device 100 may be embedded within a cover or case of the terminal device 200 .
- the portable biometric authentication device 100 may be embedded within a convenient card (e.g., a credit card like form).
- a convenient card e.g., a credit card like form.
- the terminal device 200 may be an electronic device capable of performing personal authentication by communicating with the portable biometric authentication device 100 using NFC.
- the terminal device 200 may be a desktop computer, a server system, a smart TV, an electric gate, a point of sale (POS) system, or the like.
- the terminal device 200 may be a portable electronic device such as a laptop computer, a tablet PC, a mobile phone, a smart phone, an e-reader, a personal digital assistant (PDA), an enterprise digital assistant (EDA), a digital still camera, a digital video camera, a portable multimedia player (PMP), a personal or portable navigation device (PND), a handheld game console, or the like.
- PDA personal digital assistant
- EDA enterprise digital assistant
- PMP portable multimedia player
- PND personal or portable navigation device
- the terminal device 200 may include a NFC antenna 210 , a NFC subsystem 220 , and a personal authentication unit 230 .
- the NFC antenna 210 may be used to generate an electromagnetic field according to signals received from the NFC subsystem 220 (e.g., a NFC controller 221 ) or generate one or more electrical signals in response to an electromagnetic field generated by the portable biometric authentication device 100 .
- the NFC antenna 210 may be an antenna module including passive elements where the number and arrangement of passive elements may determined by one or more resonance frequencies of the NFC antenna 210 .
- the NFC subsystem 220 may include the NFC controller 221 , and the NFC controller 221 may control the NFC communication of data via the NFC antenna 210 .
- the NFC controller 221 may communicate a biometric information request to the portable biometric authentication device 100 and/or receive biometric information from the portable biometric authentication device 100 via the NFC antenna 210 .
- the NFC controller 221 may control the NFC antenna 210 such that power sufficient to operate the portable biometric authentication device 100 is provided to the portable biometric authentication device 100 by the electromagnetic field generated via the NFC antenna 210 .
- the personal authentication unit 230 may receive (second) biometric information INFO_ 2 from the NFC subsystem 220 and may perform personal authentication based on the biometric information INFO_ 2 . For example, the personal authentication unit 230 may determine (e.g., compare) whether the second biometric information INFO_ 2 provided by the NFC subsystem 220 corresponds with expected (e.g., previously registered or predetermined) biometric information associated with the user during personal authentication.
- the personal authentication unit 230 may be implemented as hardware logic operating in accordance with a state machine or as a processor executing a program stored in a memory accessible to the terminal device 230 .
- FIG. 2 is a conceptual diagram illustrating respective physical implementations of the portable biometric authentication device 100 and terminal device 200 of FIG. 1 according to an embodiment of the inventive concept. That is, FIG. 2 shows a rear (or back) surface of a mobile phone 200 ′ and a mobile phone case 100 ′ that is mechanically attachable/detachable to the rear surface of the mobile phone 200 ′.
- the mobile phone case 100 ′ may include a first primary surface configured to receive and attach the mobile phone 200 ′ and an opposing second primary surface exposing a NFC antenna 110 ′ and a biometric sensor 141 ′. That is, each of these two elements is externally exposed or accessible without removing the mobile phone 200 ′ from the mobile phone case 100 ′.
- the NFC antenna 110 ′ may be embedded in the mobile phone case 110 ′ such that the NFC antenna 110 ′ may be positioned to face a NFC antenna 210 ′ embedded in the mobile phone 200 ′ when the mobile phone case 100 ′ is attached to the mobile phone 200 ′.
- the biometric sensor 141 ′ may be provided in a surface opposite to the surface of mobile phone case 100 ′ facing the mobile phone 200 ′, such that the biometric sensor 141 ′ is externally exposed when the mobile phone case 100 ′ is attached to the mobile phone 200 ′. In this manner, the biometric sensor 141 ′ may readily acquire biometric information from the user, such that the biometric information may be communicated to the mobile phone 200 ′ via the NFC antenna 110 ′.
- the mobile phone 200 ′ may include the NFC antenna 210 ′ and may perform personal authentication for the user based on the biometric information received via the NFC antenna 210 ′. For example, the mobile phone 200 ′ may access a bank server via a wireless communication network once personal authentication has been successfully performed and thus may provide access to certain banking function(s) by the authenticated user. The mobile phone 200 ′ may drive the NFC antenna 210 ′ to provide a NFC controller (not shown in FIG. 2 ), the biometric sensor 141 ′, or the like included in the mobile phone case 100 ′ with sufficient operating power.
- a NFC controller not shown in FIG. 2
- the biometric sensor 141 ′ or the like included in the mobile phone case 100 ′ with sufficient operating power.
- the portable biometric authentication device 100 of FIG. 1 need not include a battery or power terminal connection in order to connect and operate the portable biometric authentication device 100 with the terminal device 200 .
- the portable biometric authentication device 100 may be embodied as the mobile phone case 100 ′ which is a desirable accessory for the mobile phone 200 ′.
- the mobile phone case 100 ′ may allow the mobile phone 200 ′, which does not include a biometric sensor, to perform personal authentication based on biometric information obtained from a user.
- FIG. 3 is a block diagram further illustrating in one example a portable biometric authentication device 100 a according to an embodiment of the inventive concept.
- FIG. 4 is a block diagram further illustrating in one example a terminal device 200 a according to an embodiment of the inventive concept.
- the portable biometric authentication device 100 a of FIG. 3 is assumed to acquire a fingerprint image of the user as biometric information.
- the terminal device 200 a of FIG. 4 is assumed to perform personal authentication based on the acquired fingerprint image.
- a fingerprint image is used as one example of possible biometric information, but those skilled in the art will understand that one or more other types of biometric information may be substituted for described fingerprint image.
- the portable biometric authentication device 100 a may include a NFC antenna 110 a , a power supply circuit 120 a , a control subsystem 130 a , and a sensor subsystem 140 a .
- the NFC antenna 110 a and the power supply circuit 120 a may perform the same or similar functions as or to the NFC antenna 110 and the power supply circuit 120 of FIG. 1 .
- the sensor subsystem 140 a is assumed to include a fingerprint sensor 141 a and a fingerprint image compressing unit 142 a .
- the fingerprint sensor 141 a and the fingerprint image compressing unit 142 a may operate based on the second power voltage VDD_S provided by the power supply circuit 120 a to the sensor subsystem 140 a.
- the fingerprint sensor 141 a may acquire and detect a fingerprint image provided by the user and correspondingly output one or more fingerprint images INFO_ 0 as electrical signal(s).
- the electrical signal(s) corresponding to the provided fingerprint image are processed by the fingerprint sensor 141 a to (e.g.,) generate multiple, corresponding image pixels and generate output signals from the image pixels (e.g., the fingerprint images INFO_ 0 ).
- the fingerprint images INFO_ 0 provided by the fingerprint sensor 141 a may be compressed by the fingerprint image compressing unit 142 a . That is, fingerprint images INFO_ 1 provided by the sensor subsystem 140 a to the control subsystem 130 a may be compressed data.
- the fingerprint sensor 141 a may detect the fingerprint of the user a number of times during a given cycle and provide one or more fingerprint images INFO_ 0 as the result of each cycle.
- the speed with which the fingerprint sensor 141 a provides the fingerprint images INFO_ 0 is an important factor in determining the speed with which biometric information is provided by the portable biometric authentication device 100 a to the terminal device 200 a .
- the fingerprint image compressing unit 142 a may efficiently provide the first biometric information INFO_ 1 (e.g., compressed fingerprint images INFO_ 0 ) in response to the operation of the fingerprint sensor 141 a .
- the fingerprint image compressing unit 142 a may select one or more of the fingerprint images INFO_ 1 and provide the selected fingerprint images for further processing by the fingerprint image compressing unit 142 a in order to generate high-quality biometric information INFO_ 1 from two or more fingerprint images INFO_ 0 .
- the control system 130 a may include a NFC controller 131 a and an encryption processing unit 132 a .
- the NFC controller 131 a and encryption processing unit 132 a may operate in response to the first power voltage VDD_C provided from the power supply circuit 120 a to the control subsystem 130 a .
- the NFC controller 131 a may perform the same or similar functions as or to the NFC controller 131 of FIG. 1 .
- the first biometric information communicated by the portable biometric authentication device 100 a to the terminal device 200 a via the NFC may be encrypted prior to transmission. That is, the encryption processing unit 132 a may encrypt the first biometric information INFO_ 1 provided by the sensor subsystem 140 a (e.g., the fingerprint image compressing unit 142 a ). Security of the fingerprint image(s) INFO_ 0 used during personal authentication must be maintained throughout the processes of acquiring, processing and most particularly during the transmission of the biometric information by the portable biometric authentication device 100 a .
- the encryption processing unit 132 a may be used to maintain the security of the biometric information INFO_ 1 (and the underlying fingerprint image(s) INFO_ 0 ) during transmission of the biometric information INFO_ 1 to the terminal device 200 a using NFC.
- the first biometric information INFO_ 1 communicated by the portable biometric authentication device 100 a may be encrypted data.
- the terminal device 200 a will include the components necessary to exchange encrypted data with the portable biometric authentication device 100 a .
- the encryption processing unit 132 a of FIG. 3 may be used to encrypt the first biometric information generated by the portable biometric authentication device 100 a .
- the terminal device 200 a may include a NFC antenna 210 a , a NFC subsystem 220 a , and a personal authentication unit 230 a .
- the NFC antenna 210 a and personal authentication unit 230 a may perform the same or similar functions as or to the NFC antenna 210 and the personal authentication unit 230 of FIG. 1 .
- the NFC subsystem 220 a may include a NFC controller 221 a and an encryption processing unit 222 a .
- the NFC controller 221 a may perform the same or similar functions as or to the NFC controller 221 of FIG. 1 .
- the encryption processing unit 222 a may be used to decrypt the encrypted first biometric information received from the portable biometric authentication device 100 a using NFC. As described with reference to FIG. 3 , the encryption processing unit 132 a of the portable biometric authentication device 100 a may generate an encrypted, compressed, fingerprint image as the first biometric information INFO_ 1 that is communicated via an electromagnetic field generated by the NFC antenna 110 a . The encryption processing unit 222 a of the terminal device 200 a may be used to decrypt the encrypted biometric information in order to generate corresponding second biometric information INFO_ 2 that is provided to the personal authentication unit 230 a .
- the encryption processing unit 222 a may also be used to encrypt data (e.g., a biometric information request) communicated to the portable biometric authentication device 100 a using NFC. A more detailed description of possible operations of the encryption processing unit 222 a will be described with reference to FIGS. 6 and 7 hereafter.
- the encryption processing unit 132 a of the portable biometric authentication device 100 a and the encryption processing unit 222 a of the terminal device 200 a may be respectively implemented as an embedded secure element (eSE) indicating that an SE, which denotes an area including an element for safely storing or processing data, for example, financial information, authentication information, a service application, etc., which needs to be secured, is embedded in a semiconductor chip.
- eSE embedded secure element
- the encryption processing unit 132 a and the NFC controller 131 a of the portable biometric authentication device 100 a may be embedded in one semiconductor chip
- the encryption processing unit 222 a and the NFC controller 221 a of the terminal device 200 a may be embedded in one semiconductor chip.
- FIG. 5 is a flowchart describing the interoperation between the portable biometric authentication device 100 a and terminal device 200 a of FIGS. 3 and 4 according to certain embodiments of the inventive concept.
- FIG. 5 shows a temporal flow of operations performed between the portable biometric authentication device 100 a and the terminal device 200 a such that the terminal device 200 a receives a security function request and a security function is enabled.
- the operations of FIG. 5 will be described with reference to FIGS. 3 and 4 .
- the terminal device 200 a may check whether the security function request is received.
- the security function may be an operation that requires personal authentication and may include, for example, a payment function, a banking function, etc.
- the terminal device 200 a may receive the security function request from the user.
- the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation of forming an encrypted NFC channel. As the encrypted NFC channel is formed, security of data exchanged between the terminal device 200 a and the portable biometric authentication device 100 a may be maintained. A detailed description of operation S 110 will be provided with reference to FIG. 6 hereafter.
- the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation of authenticating the portable biometric authentication device 100 a .
- the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation of authenticating the terminal device 200 a .
- security of the personal authentication using the portable biometric authentication device 100 a may be reinforced.
- operations S 120 and S 130 will be provided with reference to FIGS. 8 and 9 hereafter.
- the portable biometric authentication device 100 a may perform an operation of enabling the sensor subsystem 140 a .
- the NFC controller 131 a may enable the sensor subsystem 140 a when the terminal device 200 a is successfully authenticated in operation S 130 .
- the NFC controller 131 a may, for example, control the power supply circuit 120 a to provide the second power voltage VDD_S to the sensor subsystem 140 a or may inactivate an enable input signal of the sensor subsystem 140 a.
- the terminal device 200 a may request the portable biometric authentication device 100 a to acquire biometric information (e.g., a fingerprint image).
- the portable biometric authentication device 100 a e.g., the fingerprint sensor 141 a
- the portable biometric authentication device 100 a may acquire the fingerprint image from a fingerprint of the user.
- the portable biometric authentication device 100 a e.g., the encryption processing unit 132 a
- the portable biometric authentication device 100 a may transmit the encrypted fingerprint image to the terminal device 200 a.
- the terminal device 200 a may determine whether the personal authentication succeeds. For example, the terminal device 200 a (e.g., the encryption processing unit 222 a ) may decrypt the encrypted fingerprint image received from the portable biometric authentication device 100 a . Then, the terminal device 200 a (e.g., the personal authentication unit 230 a ) may compare the decrypted fingerprint image with a known (e.g., registered or vetted) fingerprint image associated with the user. If the decrypted fingerprint image is different from the registered fingerprint image for the user, the terminal device 200 a may re-request that the portable biometric authentication device 100 a acquire a fingerprint image. On the other hand, if the decrypted fingerprint image is the same as the registered fingerprint image for the user, the terminal device 200 a may perform the security function in operation S 200 .
- the terminal device 200 a may perform the security function in operation S 200 .
- FIG. 6 is a flowchart further illustrating in one example the operation S 110 of FIG. 5 according to an exemplary embodiment.
- the terminal device 200 a and the portable biometric authentication device 100 a may perform the operation of forming the encrypted NFC channel in operation S 110 .
- the terminal device 200 a may generate an electromagnetic field. That is, the terminal device 200 a , as the initiator device of the NFC, may generate a carrier field.
- the NFC controller 221 a may control the NFC antenna 210 a such that the NFC antenna 210 a generates the electromagnetic field.
- the portable biometric authentication device 100 a may generate one or more power signals from the received electromagnetic field.
- the power supply circuit 120 a may generate one or more power voltage(s) from an electrical current induced in the NFC antenna 110 a by the electromagnetic field generated by the NFC antenna 210 a of the terminal device 200 a .
- the power generated by the power supply circuit 120 a may be provided to components of the portable biometric authentication device 100 a , for example, the control subsystem 130 a and the sensor subsystem 140 a , respectively.
- the terminal device 200 a may transmit a first encryption key to the portable biometric authentication device 100 a
- the portable biometric authentication device 100 a may transmit a second encryption key to the terminal device 200 a
- the first encryption key may be used to encrypt biometric information (e.g., a fingerprint image) transmitted by the portable biometric authentication device 100 a to the terminal device 200 a
- the second encryption key may be used to encrypt data (e.g., a fingerprint image acquisition request, binary data, magnetic stripe data, etc.) transmitted by the terminal device 200 a to the portable biometric authentication device 100 a .
- the encrypted NFC channel may be formed between the terminal device 200 a and the portable biometric authentication device 100 a through operations, that is, operations S 111 to S 114 .
- FIG. 7 is a flowchart describing in one example the operations of receiving/transmitting data between the terminal device 200 a and portable biometric authentication device 100 a using an encrypted NFC channel according to an exemplary embodiment.
- FIG. 7 shows the operation of receiving/transmitting encrypted data by the terminal device 200 a and the portable biometric authentication device 100 a when the encrypted NFC channel is formed.
- Operations S 211 to S 213 show the transmission of the data from the terminal device 200 a to the portable biometric authentication device 100 a
- operations S 214 to S 216 show the transmission of the data from the portable biometric authentication device 100 a to the terminal device 200 a.
- the terminal device 200 a may encrypt the data by using the second encryption key.
- the encryption processing unit 222 a of the terminal device 200 a may encrypt the data (e.g., a fingerprint image acquisition request, binary data, magnetic stripe data, etc.) by using the second encryption key.
- the terminal device 200 a may transmit the encrypted data to the portable biometric authentication device 100 a .
- the NFC controller 221 a of the terminal device 200 a may receive the encrypted data from the encryption processing unit 222 a and may transmit the encrypted data to the portable biometric authentication device 100 a by controlling the NFC antenna 210 a based on the encrypted data.
- the portable biometric authentication device 100 a may decrypt the encrypted data by using the second encryption key.
- the NFC controller 131 a of the portable biometric authentication device 100 a may transmit the encrypted data, which is received via the NFC antenna 110 a , to the encryption processing unit 132 a , and the encryption processing unit 132 a may decrypt the encrypted data by using the second encryption key.
- the portable biometric authentication device 100 a may encrypt the biometric information using the first encryption key.
- the encryption processing unit 132 a of the portable biometric authentication device 100 a may encrypt the biometric information (e.g., a fingerprint image) using the first encryption key.
- the portable biometric authentication device 100 a may transmit the encrypted biometric information to the terminal device 200 a .
- the NFC controller 131 a of the portable biometric authentication device 100 a may receive the encrypted data from the encryption processing unit 132 a and may transmit the encrypted data to the terminal device 200 a by controlling the NFC antenna 110 a based on the encrypted data.
- the terminal device 200 a may decrypt the encrypted biometric information using the first encryption key.
- the NFC controller 221 a of the terminal device 200 a may communicate the encrypted biometric information received via the NFC antenna 210 a to the encryption processing unit 222 a , and the encryption processing unit 222 a may decrypt the encrypted biometric information using the first encryption key.
- FIG. 8 is a flowchart describing in one example the operation S 120 of FIG. 5 according to an exemplary embodiment.
- the terminal device 200 a and the portable biometric authentication device 100 a may perform the operation of authenticating the portable biometric authentication device 100 a prior to the subsequent authentication of the user in response to user provided biometric information.
- the operation of authenticating the portable biometric authentication device 100 a may be performed using the encryption processing unit 222 a of the terminal device 200 a in conjunction with the encryption processing unit 132 a of the portable biometric authentication device 100 a.
- the terminal device 200 a may perform an operation of generating first authentication data and a first hash value H 1 .
- the encryption processing unit 222 a of the terminal device 200 a may include a first hash function that is defined in advance.
- the encryption processing unit 222 a may generate the first authentication data and may generate the first hash value H 1 corresponding to the first authentication data based on the first hash function.
- the terminal device 200 a may transmit the first authentication data to the portable biometric authentication device 100 a.
- the portable biometric authentication device 100 a may generate a first test hash value H 1 ′ regarding the first authentication data.
- the encryption processing unit 132 a of the portable biometric authentication device 100 a may include a second hash function that is defined in advance and may generate the first test hash value H 1 ′ corresponding to the first authentication data received from the terminal device 200 a .
- the portable biometric authentication device 100 a may transmit the first test hash value H 1 ′ to the terminal device 200 a.
- the terminal device 200 a may perform an operation of comparing the first hash value H 1 with the first test hash value H 1 ′.
- the terminal device 200 a may determine that authentication of the portable biometric authentication device 100 a is successfully performed in operation S 127 . That is, if the first hash value H 1 corresponding to the first authentication data is the same as the first test hash value H 1 ′ generated by the portable biometric authentication device 100 a based on the first authentication data, then it may be determined that the first and second hash functions are the same, and then the portable biometric authentication device 100 a may be authenticated.
- the terminal device 200 a may generate new first authentication data and a new first hash value Hl.
- FIG. 9 is a flowchart describing in one example the operation S 130 of FIG. 5 according to an exemplary embodiment.
- the terminal device 200 a and the portable biometric authentication device 100 a may perform an operation authenticating the terminal device 200 a prior to the subsequent authentication of the user.
- the operation of authenticating the terminal device 200 a may be performed using the encryption processing unit 222 a of the terminal device 200 a in conjunction with the encryption processing unit 132 a of the portable biometric authentication device 100 a.
- the terminal device 200 a may request the portable biometric authentication device 100 a to transmit second authentication data.
- the NFC controller 221 a of the terminal device 200 a may control the NFC antenna 210 a in response to the second authentication data request of the encryption processing unit 222 a and thus may transmit a second authentication data request to the portable biometric authentication device 100 a.
- the portable biometric authentication device 100 a may generate the second authentication data and a second hash value H 2 .
- the encryption processing unit 132 a of the portable biometric authentication device 100 a may include a third hash function that is defined in advance.
- the encryption processing unit 132 a may generate the second authentication data in response to the second authentication data request and may generate the second hash value H 2 based on the third hash function.
- the portable biometric authentication device 100 a may transmit the second authentication data to the terminal device 200 a.
- the terminal device 200 a may generate a second test hash value H 2 ′ regarding the second authentication data.
- the encryption processing unit 222 a of the terminal device 200 a may include a fourth hash function that is defined in advance and may generate the second test hash value H 2 ′ corresponding to the second authentication data received from the portable biometric authentication device 100 a .
- the terminal device 200 a may transmit the second test hash value H 2 ′ to the portable biometric authentication device 100 a.
- the portable biometric authentication device 100 a may perform an operation of comparing the second hash value H 2 with the second test hash value H 2 ′.
- the portable biometric authentication device 100 a may transmit an authentication result to the terminal device 200 a in operation S 137 and may determine that the authentication of the terminal device 200 a is successfully performed in operation S 128 .
- the portable biometric authentication device 100 a may perform a subsequent operation, for example, operation S 140 of FIG. 5 .
- the portable biometric authentication device 100 a may generate new second authentication data and a new second hash value H 2 .
- FIG. 10 is a block diagram of a portable biometric authentication device 100 b according to another embodiment of the inventive concept.
- the portable biometric authentication device 100 b may update software or a program based on data received from a terminal device (e.g., a terminal device 200 b of FIG. 11 ) using NFC.
- the portable biometric authentication device 100 b may include a NFC antenna 110 b , a power supply circuit 120 b , a control subsystem 130 b , a sensor subsystem 140 b , and a non-volatile memory device 150 b .
- the NFC antenna 110 b , the power supply circuit 120 b , and the sensor subsystem 140 b may perform the same or similar functions as or to the NFC antenna 110 a , the power supply circuit 120 a , and the sensor subsystem 140 a of FIG. 3 .
- the non-volatile memory device 150 b may retain stored data even in the absence of applied power.
- the non-volatile memory device 150 b may include an Electrically Erasable Programmable Read-Only Memory (EEPROM), flash memory, Phase Change Random Access Memory (PRAM), Resistance Random Access Memory (RRAM), Nano Floating Gate Memory (NFGM), Polymer Random Access Memory (PoRAM), Magnetic Random Access Memory (MRAM), Ferroelectric Random Access Memory (FRAM), or the like, but the non-volatile memory device 150 b is not limited thereto.
- the non-volatile memory device 150 b may receive a third power voltage VDD_M from the power supply circuit 120 b and may store, in a non-volatile manner, a program or a parameter that defines operations of the control subsystem 130 b and/or the sensor subsystem 140 b .
- the NFC controller 131 b and/or a fingerprint sensor 141 b may operate based on the program or parameter stored in the non-volatile memory device 150 b .
- the data stored in the non-volatile memory device 150 b may be updated as data received via NFC, and accordingly, the operations of the control subsystem 130 b and/or the sensor subsystem 140 b may change. That is, software of the portable biometric authentication device 100 b may be updated. Detailed descriptions regarding the update of the software of the portable biometric authentication device 100 b will be provided below with reference to FIG. 11 .
- FIG. 10 shows that the portable biometric authentication device 100 b includes one non-volatile memory device 150 b , but the inventive concept is not limited thereto. That is, according to an exemplary embodiment, the portable biometric authentication device 100 b may include two or more non-volatile memory devices to which power is applied by the power supply circuit 120 b respectively, and the control subsystem 130 b and the sensor subsystem 140 b may respectively access different non-volatile memory devices. Also, each of the non-volatile memory devices may be updated as the data is received using NFC.
- FIG. 11 is a flowchart describing one possible operation of updating the software of the portable biometric authentication device 100 b of FIG. 10 according to an exemplary embodiment.
- the terminal device 200 b may check whether a software (SW) update request is received.
- the SW update request may be input to the terminal device 200 b from the user or may be transmitted from a update program.
- the terminal device 200 b may transmit the SW update request and binary data to the portable biometric authentication device 100 b .
- the binary data may correspond to a program or a parameter that defines the operations of the control subsystem 130 b and/or the sensor subsystem 140 b.
- an operation of writing the binary data to the non-volatile memory device 150 b may be performed.
- the NFC controller 131 b may control the operation of writing the binary data to the non-volatile memory device 150 b in response to a SW update request, and thus, the operations of the control subsystem 130 b and/or the sensor subsystem 140 b may change.
- the portable biometric authentication device 100 b may transmit a SW update result to the terminal device 200 b .
- the portable biometric authentication device 100 b may transmit, to the terminal device 200 b , a size of the data written to the non-volatile memory device 150 b , a time taken to perform the operation of writing the data, information about errors that occur during the operation of writing the data, or the like.
- FIG. 12 is a block diagram illustrating a portable biometric authentication device 100 c and a terminal device 200 c according to still another embodiment of the inventive concept.
- the portable biometric authentication device 100 c may be used as a payment medium by transmitting a magnetic pulse to a card terminal based on magnetic stripe data received from the terminal device 200 c , that is, by supporting magnetic stripe transmission (MST).
- MST magnetic stripe transmission
- the portable biometric authentication device 100 c may include a NFC antenna 110 c , a power supply circuit 120 c , a control subsystem 130 c , a sensor subsystem 140 c , and an inductor 160 c .
- the NFC antenna 110 c , the power supply circuit 120 c , the control subsystem 130 c , and the sensor subsystem 140 c of the portable biometric authentication device 100 c may perform the same or similar functions as or to their corresponding components of the portable biometric authentication device 100 of FIG. 1 .
- the terminal device 200 c may include a NFC antenna 210 c , a NFC subsystem 220 c , and a personal authentication unit 230 c .
- the NFC antenna 210 c , the NFC subsystem 220 c , and the personal authentication unit 230 c of the terminal device 200 c may perform the same or similar functions as or to their corresponding components of the terminal device 200 of FIG. 1 .
- the personal authentication unit 230 c of the terminal device 200 c may provide magnetic stripe data MSD to the NFC subsystem 220 c .
- the magnetic stripe data is information that is stored by spreading a magnetic substance on a credit card, etc. and may include payment information.
- the personal authentication unit 230 c may provide the magnetic stripe data to the NFC subsystem 220 c in order to transmit the magnetic stripe data to the portable biometric authentication device 100 c.
- the portable biometric authentication device 100 c may include the NFC controller 131 c and an inductor driver 133 c .
- the NFC controller 131 c may receive the magnetic stripe data MSD from the terminal device 200 c via the NFC antenna 110 c and may provide the magnetic stripe data MSD to the inductor driver 133 c .
- the inductor driver 133 c may generate a signal transmitted to the inductor 160 c in such a manner that the inductor 160 c generates a magnetic flux to the outside of the portable biometric authentication device 100 c based on the magnetic stripe data MSD.
- the magnetic stripe data MSD may be transmitted to a card terminal through the magnetic flux or a magnetic pulse generated by the inductor 160 c .
- the portable biometric authentication device 100 c may improve payment convenience by supporting the MST and the personal authentication using the biometric information.
- FIG. 13 is a flowchart describing in one example the operations performed between the portable biometric authentication device 100 c and the terminal device 200 c of FIG. 12 according to an exemplary embodiment. That is, FIG. 13 shows an operation of performing, by the portable biometric authentication device 100 c and the terminal device 200 c of FIG. 12 , the MST as an example of a security function performed in operation S 200 of FIG. 5 .
- the terminal device 200 c may request disablement of a fingerprint sensor 141 c in operation S 201 . Then, in operation S 202 , the fingerprint sensor 141 c of the portable biometric authentication device 100 c may be disabled. That is, in the portable biometric authentication device 100 c to which power is provided from the terminal device 200 c via the NFC, the fingerprint sensor 141 c (or the sensor subsystem 140 c ) is disabled to drive the inductor 160 c while the MST is being performed, and thus power provided to the fingerprint sensor 141 c may be blocked.
- an operation of operating the inductor 160 c may be performed to generate the magnetic pulse in the portable biometric authentication device 100 c .
- the NFC controller 131 c may provide the magnetic stripe data received from the terminal device 200 c to the inductor driver 133 c , and the inductor driver 133 c may drive the inductor 160 c based on the magnetic stripe data. Accordingly, the inductor 160 c may generate a magnetic pulse corresponding to the magnetic stripe data.
- the terminal device 200 c may receive a payment result via a communication network.
- the terminal device 200 c may be a mobile phone that communicates with a bank server via a wireless communication network and may receive the payment result, which is produced by transmission of the magnetic stripe that is performed in operations S 201 to S 204 , from the bank server.
- FIG. 14 is a block diagram illustrating in one example a terminal device 200 d according to an exemplary embodiment.
- a NFC subsystem 220 d may include a NFC controller 221 d and an encryption processing unit 222 d .
- the NFC controller 221 d and the encryption processing unit 222 d may perform the same or similar functions as or to the NFC controller 221 a and the encryption processing unit 222 a of FIG. 4 .
- the terminal device 200 d may include a processor 230 d .
- the processor 230 d may be a multi-core processor including two or more cores for independently executing instructions.
- the processor 230 d may execute an operating system that provides a kernel space and a user space.
- the processor 230 d may execute a NFC driver 231 d in the kernel space and may execute a NFC framework 232 d , a fingerprint framework 233 d , and a user application 234 d in the user space.
- the framework (e.g., the NFC framework 232 d or the fingerprint framework 233 d ) may provide generic functionality to the user space, and the user application 234 d may be efficiently designed based on the NFC framework 232 d or the fingerprint framework 233 d.
- Methods of operating a terminal device may be performed by the processor 230 d .
- operations for example, payment, banking, etc., which require personal authentication may be implemented by the user application 234 d .
- the user application 234 d may request personal authentication using fingerprints when a security function is performed.
- the fingerprint framework 233 d may perform at least one of operations S 100 to S 200 of FIG. 5 by communicating with a portable biometric authentication device (e.g., the portable biometric authentication device 100 of FIG. 1 ) through the NFC framework 232 d .
- a portable biometric authentication device e.g., the portable biometric authentication device 100 of FIG. 1
- the NFC framework 232 d may provide an interface for the NFC to the user application 234 d and the fingerprint framework 233 d , and the NFC driver 231 d may provide the NFC framework 232 d with an interface regarding the NFC subsystem 220 d that is an independent hardware device.
- FIG. 15 is a block diagram illustrating a computing system 400 and a portable biometric authentication device 300 according to an exemplary embodiment.
- the portable biometric authentication device 300 may communicate with the computing system 400 using NFC.
- the computing system 400 may include a central processing unit 410 , a memory subsystem 420 , a user interface 430 , and a NFC subsystem 440 .
- the central processing unit 410 , the memory subsystem 420 , the user interface 430 , and the NFC subsystem 440 may communicate with each other via a bus 450 .
- the computing system 400 may communicate with a video card, a sound card, a memory card, a USB device, or the like or may further include a port communicating with other devices.
- the central processing unit 410 may perform certain calculations or certain tasks.
- the central processing unit 410 may access the memory subsystem 420 via the bus 450 and may execute multiple instructions stored in the memory subsystem 420 .
- the central processing unit 410 may perform the operations of the personal authentication unit or the operations of the processor 230 d of FIG. 14 .
- the memory subsystem 420 may include one or more memory devices and memory controllers.
- the memory subsystem 420 may include volatile memory device, and the volatile memory device may function as a cache memory.
- the memory subsystem 420 is a volatile memory device and may include Dynamic Random Access Memory (DRAM), Static Random Access Memory (SRAM), mobile DRAM, Double Data Rate Synchronous Dynamic Random Access Memory (DDR SDRAM), Low Power DDR (LPDDR) SDRAM, Graphic DDR (GDDR) SDRAM, Rambus Dynamic Random Access Memory (RDRAM), or the like.
- the memory subsystem 420 may be a non-volatile memory device, and the non-volatile memory device may store instructions that form a program executed in the central processing unit 410 .
- the memory subsystem 420 may be a non-volatile memory device and may include Electrically Erasable Programmable Read-Only Memory (EEPROM), flash memory, PRAM, RRAM, NFGM, PoRAM, MRAM, FRAM, or the like.
- EEPROM Electrically Erasable Programmable Read-Only Memory
- flash memory PRAM, RRAM, NFGM, PoRAM, MRAM, FRAM, or the like.
- the user interface 430 may include an input device such as a keyboard, a keypad, a mouse, or the like in order to receive an input signal from the user and may include an output device such as a printer, a display device, or the like in order to provide an output signal to the user.
- an input device such as a keyboard, a keypad, a mouse, or the like in order to receive an input signal from the user and may include an output device such as a printer, a display device, or the like in order to provide an output signal to the user.
- the NFC subsystem 440 may perform NFC with electronic devices that include the portable biometric authentication device 300 and support the NFC. According to an exemplary embodiment, the NFC subsystem 440 may control transmission of binary data, authentication data, an encryption key, magnetic stripe data, or the like to the portable biometric authentication device 300 via a NFC antenna. Also, the NFC subsystem 440 may control reception of a fingerprint image, the authentication data, the encryption key, or the like from the portable biometric authentication device 300 via the NFC antenna.
- the portable biometric authentication device 300 may include a power supply circuit 320 , a control subsystem 330 , and a sensor subsystem 340 , and the power supply circuit 320 , the control subsystem 330 , and the sensor subsystem 340 may each perform operations according to exemplary embodiments.
- the power supply circuit 320 may generate power based on the electromagnetic field induced from the electromagnetic field generated by the computing system 400 and may respectively provide the generated power to the control subsystem 330 and the sensor subsystem 340 .
- FIG. 16 is a conceptual diagram of a card 500 according to an exemplary embodiment.
- a portable biometric authentication device may be embodied as the card 500 due to a simple structure and a small form factor. That is, as shown in FIG. 16 , the card 500 may include a NFC antenna 510 and a fingerprint sensor 520 .
- the card 500 may be used as an independent payment medium such as a credit card, a debit card, etc. or may be used as a personal authentication device using the NFC and the fingerprint image.
Abstract
Description
- This is a Divisional of U.S. application Ser. No. 15/333,343, filed Oct. 25, 2016, which claims the benefit of Korean Patent Application No. 10-2015-0151099 filed on Oct. 29, 2015, the disclosure of which is hereby incorporated by reference in it entirety.
- The inventive concept relates to a portable biometric authentication device and a terminal device. More particularly, the inventive concept relates to a portable biometric authentication device and a terminal device capable of communicating using near field communication (NFC).
- Electronic devices may require personal authentication in order to provide functions such as making payment, using a banking service, controlling physical entry, etc. Personal authentication requires high degree of accuracy and security, and various forms of biometric authentication have been used to provide personal authentication. Biometric authentication is usually based on one or more types of biometric information (e.g., a fingerprint, an iris, a finger vein, voice, etc.) provided by a user.
- Biometric authentication is very convenient, since it frees the user for such requirements as carrying various card(s) and key(s) or memorizing passwords. In addition, biometric information is difficult to counterfeit or falsify, thereby making biometric authentication highly secure. Different forms of biometric information may be readily acquired using one or more biometric sensor(s) provided by an electronic device, such as a mobile phone. However, many electronic devices either do not include biometric sensor(s) or are not physically, commercially and/or functionally susceptible to the incorporation of biometric sensor(s). Such electronic devices are not able to provide biometric authentication.
- The inventive concept relates to a portable biometric authentication device and a terminal device and provides a portable biometric authentication device for providing biometric information via near field communication (NFC) and a terminal device for providing power to the portable biometric authentication device via the NFC.
- According to an aspect of the inventive concept, there is provided a portable biometric authentication device that communicates with a terminal device using near field communication (NFC). The portable biometric authentication device includes; a NFC antenna, a power supply circuit that generates at least one power voltage in response to an electromagnetic field generated by the terminal device and received via the NFC antenna, a sensor subsystem that operates in response to the at least one power voltage and includes a biometric sensor that acquires biometric information from a user, and a control subsystem that operates in response to the at least one power voltage and includes a NFC controller that controls the communication of the biometric information to the terminal device using the NFC antenna.
- According to another aspect of the inventive concept, there is provided a terminal device configured to communicate with a portable biometric authentication device using near field communication (NFC). The terminal device includes a first NFC antenna, a NFC subsystem configured to generate an electromagnetic field using the first NFC antenna, such that the portable biometric authentication device operates in response to at least one power voltage generated by the portable biometric authentication device in response to an electrical current induced in a second NFC antenna of the portable biometric authentication device by the electromagnetic field, and a personal authentication unit configured to perform personal authentication for a user of the portable biometric authentication in response to biometric information provided by the user to the portable biometric authentication device.
- According to an aspect of the inventive concept, there is provided a method of operating a system including a terminal device using near field communication (NFC) to communicate with a portable biometric authentication device. The method includes; powering operation of the portable biometric authentication device solely from an electromagnetic field generated by the terminal device, generating a request for biometric information of a user of the portable biometric authentication device in the terminal device, generating first biometric information from a fingerprint image provided by the user to a fingerprint sensor disposed in the portable biometric authentication device, communicating the first biometric information from the portable biometric authentication device to the terminal device using the NFC, and performing personal authentication of the user in the terminal device in response to the first biometric information.
- Embodiments of the inventive concept will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings in which:
-
FIG. 1 is a block diagram of a portable biometric authentication device and a terminal device according to an exemplary embodiment; -
FIG. 2 is diagrams of respective examples of the portable biometric authentication device and the terminal device ofFIG. 1 according to an exemplary embodiment; -
FIG. 3 is a block diagram of a portable biometric authentication device according to an exemplary embodiment; -
FIG. 4 is a block diagram of a terminal device according to an exemplary embodiment; -
FIG. 5 is a flowchart of operations performed between the portable biometric authentication device and the terminal device ofFIGS. 3 and 4 , according to an exemplary embodiment; -
FIG. 6 is a flowchart of an example of operation S110 ofFIG. 5 , according to an exemplary embodiment; -
FIG. 7 is a flowchart of an operation of receiving/transmitting data by a terminal device and a portable biometric authentication device in an encrypted near field communication (NFC) channel, according to an exemplary embodiment; -
FIG. 8 is a flowchart of an example of operation S120 ofFIG. 5 according to an exemplary embodiment; -
FIG. 9 is a flowchart of an example of operation S130 ofFIG. 5 according to an exemplary embodiment; -
FIG. 10 is a block diagram of a portable biometric authentication device according to an exemplary embodiment; -
FIG. 11 is an operation of updating software by the portable biometric authentication device ofFIG. 10 , according to an exemplary embodiment; -
FIG. 12 is a block diagram of a portable biometric authentication device and a terminal device according to an exemplary embodiment; -
FIG. 13 is a flowchart of operations performed between the portable biometric authentication device and the terminal device ofFIG. 12 , according to an exemplary embodiment; -
FIG. 14 is a block diagram of a terminal device according to an exemplary embodiment; -
FIG. 15 is a block diagram of a computing system and a portable biometric authentication device according to an exemplary embodiment; and -
FIG. 16 is a diagram of a card according to an exemplary embodiment. - The term “near field communication” (or “NFC”) is used to describe a broad class of technology enabling two or more electronic devices to communicate one or more electromagnetic signal(s) without necessarily mandating a constituent mechanical connection or physical connection (or touching) of the electronic devices. Various approaches to NFC establish a set of corresponding communication protocols that enable one-way or two-way communication (i.e., transmission and/or reception) of signal(s) between multiple electronic devices. In certain NFC approaches, a first electronic device generates an electromagnetic field, and when a second electronic devices comes into proximity with the electromagnetic field, an electrical signal is induced such that information may be wirelessly communicated between the first electronic device and second electronic device.
- In certain contemporary approaches, NFC information (or data) may be wirelessly communicated across a distance of up to about 10 cm. Data communicated using NFC may be used by a user of an electronic device to make a payment, access an account, gain access to a product or place, etc. There are a number of publicly available technical standards (or specifications) that define different NFC approaches. For example, the International Organization for Standards (ISO) and International Electro-technical Commission (IEC) ISO/IEC 21481 specifies a communication protocol, a data exchange format, signal frequencies and bandwidths (e.g., 13.56 MHz), etc., enabling NFC between electronic devices.
- NFC may be used to communicate not only information or data bearing signal(s), but also power signal(s). That is, a first electronic device (the “initiator”) may generate an electromagnetic field, and a second electronic device (the “target”) may extract power from the electromagnetic field generated by the initiator device sufficient to operate the target device. For example, some target devices may extract an electrical current of up to about 50 mA from an electromagnetic field generated by an initiator device.
- Figure (
FIG. 1 is a block diagram of a portablebiometric authentication device 100 and aterminal device 200 according to an embodiment of the inventive concept. The portablebiometric authentication device 100 andterminal device 200 communication information using NFC. Here, the portablebiometric authentication device 100 may be used to acquire biometric information associated with a user and provide the acquired biometric information to theterminal device 200. Theterminal device 200 may then perform personal authentication using (or based on) the provided biometric information. Additionally or alternatively, theterminal device 200 may provide power to the portablebiometric authentication device 100 using NFC, such that the portablebiometric authentication device 100 may acquire biometric information, communicate acquired biometric information to theterminal device 200, or perform some other function. - Referring to
FIG. 1 , the portablebiometric authentication device 100 may include aNFC antenna 110, apower supply circuit 120, acontrol subsystem 130, and asensor subsystem 140. TheNFC antenna 110 may be used to (1) generate an electromagnetic field according to signals received from the control subsystem 130 (e.g., aNFC controller 131 in the control subsystem 130) and (2) receive an electromagnetic field generated by theterminal device 200 and provide one or more corresponding electrical signals induced in theNFC antenna 110 by the received electromagnetic field. TheNFC antenna 110 may be an antenna module including passive elements where the nature and arrangement of the passive elements may be determined by one or more resonance frequencies defined by an appropriate NFC protocol governing the operation of theterminal device 200 and/or portablebiometric authentication device 100. - In the portable
biometric authentication device 100, thepower supply circuit 120 may be connected to theNFC antenna 110 and may generate one or more power signals from the electrical signal(s) induced by an electromagnetic field proximate to theNFC antenna 110. For example, thepower supply circuit 120 may extract an electrical current induced in theNFC 110 by the electromagnetic field and generate at least one power voltage based on the extracted electrical current. In the illustrated example ofFIG. 1 , thepower supply circuit 120 is assumed to provide a first power voltage VDD_C to thecontrol subsystem 130 and a second power voltage VDD_S to thesensor subsystem 140. Thecontrol subsystem 130 and thesensor subsystem 140 may respectively operate in response to the first and second power voltages VDD_C and VDD_S provided by thepower supply circuit 120. - Here, it should be noted that the example of
FIG. 1 shows different power voltages being provided to thecontrol subsystem 130 andsensor subsystem 140 from thepower supply circuit 120. However, in other embodiments of the inventive concept, identical power voltage(s) may be provided by thepower supply circuit 120 to thecontrol subsystem 130 andsensor subsystem 140. - As previously noted, the
control subsystem 130 ofFIG. 1 is assumed to include theNFC controller 131, where theNFC controller 131 may be used in the portablebiometric authentication device 100 to control the communication of data via theNFC antenna 110. For example, theNFC controller 131 may be used to control the reception of a biometric information request received from theterminal device 200 and/or the transmission of (first) biometric information INFO_1 provided by thesensor subsystem 140 to theterminal device 200 in response to the biometric information request. InFIG. 1 , theNFC controller 131 is assumed to operate in response to the first power voltage VDD_C provided by thepower supply circuit 120. - The
sensor subsystem 140 may include abiometric sensor 141 that is capable of providing the first biometric information INO_1 to thecontrol subsystem 130. Thebiometric sensor 141 may acquire the biometric information from the user (e.g., a fingerprint image, an iris image, a finger vein pattern, voice pattern, or the like) and then convert the biometric information into corresponding electrical signal(s). InFIG. 1 , thebiometric sensor 141 is assumed to operate in response to the second power voltage VDD_S provided by thepower supply circuit 120. - Thus, from the foregoing it will be understood that the
control subsystem 130 andsensor subsystem 140 included in the portablebiometric authentication device 100 may be operated using one or more power signals (e.g., power voltages) generated by thepower supply circuit 120 in response to at least one electrical signal induced in theNFC antenna 110 by an electromagnetic field generated by theterminal device 200. Accordingly, the portablebiometric authentication device 100 need not include a battery or equivalent internal power source, yet need not be externally connected to a power terminal in order to operate. This feature allows the portablebiometric authentication device 100 to be relatively simple in its design and structure. Further it may be provided (e.g., manufactured, fabricated and/or physically provisioned) with a relatively small form factor. Here, the term “small” refers to one or more physical dimensions (e.g., height, width, length, thickness, area, volume, etc.) of the portablebiometric authentication device 100. - Due to its relatively simple structure and small form factor, the portable
biometric authentication device 100 may be provided in a variety of user-friendly forms. For example, as will be described in relation toFIG. 2 , the portablebiometric authentication device 100 may be embedded within a cover or case of theterminal device 200. Alternately, as will be described in relation toFIG. 16 , the portablebiometric authentication device 100 may be embedded within a convenient card (e.g., a credit card like form). As a result, the portablebiometric authentication device 100 may provide considerable convenience to a user while at the same time ensuring a high degree of information accuracy and security. - The
terminal device 200 may be an electronic device capable of performing personal authentication by communicating with the portablebiometric authentication device 100 using NFC. In various embodiments, theterminal device 200 may be a desktop computer, a server system, a smart TV, an electric gate, a point of sale (POS) system, or the like. Theterminal device 200 may be a portable electronic device such as a laptop computer, a tablet PC, a mobile phone, a smart phone, an e-reader, a personal digital assistant (PDA), an enterprise digital assistant (EDA), a digital still camera, a digital video camera, a portable multimedia player (PMP), a personal or portable navigation device (PND), a handheld game console, or the like. - Referring to
FIG. 1 , theterminal device 200 may include aNFC antenna 210, aNFC subsystem 220, and apersonal authentication unit 230. TheNFC antenna 210 may be used to generate an electromagnetic field according to signals received from the NFC subsystem 220 (e.g., a NFC controller 221) or generate one or more electrical signals in response to an electromagnetic field generated by the portablebiometric authentication device 100. Similar to theNFC antenna 110 of the portablebiometric authentication device 100, theNFC antenna 210 may be an antenna module including passive elements where the number and arrangement of passive elements may determined by one or more resonance frequencies of theNFC antenna 210. - The
NFC subsystem 220 may include theNFC controller 221, and theNFC controller 221 may control the NFC communication of data via theNFC antenna 210. For example, theNFC controller 221 may communicate a biometric information request to the portablebiometric authentication device 100 and/or receive biometric information from the portablebiometric authentication device 100 via theNFC antenna 210. TheNFC controller 221 may control theNFC antenna 210 such that power sufficient to operate the portablebiometric authentication device 100 is provided to the portablebiometric authentication device 100 by the electromagnetic field generated via theNFC antenna 210. - The
personal authentication unit 230 may receive (second) biometric information INFO_2 from theNFC subsystem 220 and may perform personal authentication based on the biometric information INFO_2. For example, thepersonal authentication unit 230 may determine (e.g., compare) whether the second biometric information INFO_2 provided by theNFC subsystem 220 corresponds with expected (e.g., previously registered or predetermined) biometric information associated with the user during personal authentication. In various embodiments of the inventive concept, thepersonal authentication unit 230 may be implemented as hardware logic operating in accordance with a state machine or as a processor executing a program stored in a memory accessible to theterminal device 230. -
FIG. 2 is a conceptual diagram illustrating respective physical implementations of the portablebiometric authentication device 100 andterminal device 200 ofFIG. 1 according to an embodiment of the inventive concept. That is,FIG. 2 shows a rear (or back) surface of amobile phone 200′ and amobile phone case 100′ that is mechanically attachable/detachable to the rear surface of themobile phone 200′. Here, themobile phone case 100′ may include a first primary surface configured to receive and attach themobile phone 200′ and an opposing second primary surface exposing aNFC antenna 110′ and abiometric sensor 141′. That is, each of these two elements is externally exposed or accessible without removing themobile phone 200′ from themobile phone case 100′. TheNFC antenna 110′ may be embedded in themobile phone case 110′ such that theNFC antenna 110′ may be positioned to face aNFC antenna 210′ embedded in themobile phone 200′ when themobile phone case 100′ is attached to themobile phone 200′. Thebiometric sensor 141′ may be provided in a surface opposite to the surface ofmobile phone case 100′ facing themobile phone 200′, such that thebiometric sensor 141′ is externally exposed when themobile phone case 100′ is attached to themobile phone 200′. In this manner, thebiometric sensor 141′ may readily acquire biometric information from the user, such that the biometric information may be communicated to themobile phone 200′ via theNFC antenna 110′. - The
mobile phone 200′ may include theNFC antenna 210′ and may perform personal authentication for the user based on the biometric information received via theNFC antenna 210′. For example, themobile phone 200′ may access a bank server via a wireless communication network once personal authentication has been successfully performed and thus may provide access to certain banking function(s) by the authenticated user. Themobile phone 200′ may drive theNFC antenna 210′ to provide a NFC controller (not shown inFIG. 2 ), thebiometric sensor 141′, or the like included in themobile phone case 100′ with sufficient operating power. - Thus, as described above with reference to
FIG. 1 , the portablebiometric authentication device 100 ofFIG. 1 need not include a battery or power terminal connection in order to connect and operate the portablebiometric authentication device 100 with theterminal device 200. And as shown inFIG. 2 , the portablebiometric authentication device 100 may be embodied as themobile phone case 100′ which is a desirable accessory for themobile phone 200′. Themobile phone case 100′ may allow themobile phone 200′, which does not include a biometric sensor, to perform personal authentication based on biometric information obtained from a user. -
FIG. 3 is a block diagram further illustrating in one example a portablebiometric authentication device 100 a according to an embodiment of the inventive concept.FIG. 4 is a block diagram further illustrating in one example aterminal device 200 a according to an embodiment of the inventive concept. Here, the portablebiometric authentication device 100 a ofFIG. 3 is assumed to acquire a fingerprint image of the user as biometric information. Further, theterminal device 200 a ofFIG. 4 is assumed to perform personal authentication based on the acquired fingerprint image. Hereinafter, a fingerprint image is used as one example of possible biometric information, but those skilled in the art will understand that one or more other types of biometric information may be substituted for described fingerprint image. - Referring to
FIG. 3 , the portablebiometric authentication device 100 a may include aNFC antenna 110 a, apower supply circuit 120 a, acontrol subsystem 130 a, and asensor subsystem 140 a. TheNFC antenna 110 a and thepower supply circuit 120 a may perform the same or similar functions as or to theNFC antenna 110 and thepower supply circuit 120 ofFIG. 1 . - Referring to
FIG. 3 , thesensor subsystem 140 a is assumed to include afingerprint sensor 141 a and a fingerprintimage compressing unit 142 a. Thefingerprint sensor 141 a and the fingerprintimage compressing unit 142 a may operate based on the second power voltage VDD_S provided by thepower supply circuit 120 a to thesensor subsystem 140 a. - As shown in
FIG. 3 , thefingerprint sensor 141 a may acquire and detect a fingerprint image provided by the user and correspondingly output one or more fingerprint images INFO_0 as electrical signal(s). In the illustrated example ofFIG. 3 , the electrical signal(s) corresponding to the provided fingerprint image are processed by thefingerprint sensor 141 a to (e.g.,) generate multiple, corresponding image pixels and generate output signals from the image pixels (e.g., the fingerprint images INFO_0). - According to an embodiment illustrated in
FIG. 3 , the fingerprint images INFO_0 provided by thefingerprint sensor 141 a may be compressed by the fingerprintimage compressing unit 142 a. That is, fingerprint images INFO_1 provided by thesensor subsystem 140 a to thecontrol subsystem 130 a may be compressed data. Thefingerprint sensor 141 a may detect the fingerprint of the user a number of times during a given cycle and provide one or more fingerprint images INFO_0 as the result of each cycle. The speed with which thefingerprint sensor 141 a provides the fingerprint images INFO_0 is an important factor in determining the speed with which biometric information is provided by the portablebiometric authentication device 100 a to theterminal device 200 a. Therefore, the fingerprintimage compressing unit 142 a may efficiently provide the first biometric information INFO_1 (e.g., compressed fingerprint images INFO_0) in response to the operation of thefingerprint sensor 141 a. For example, the fingerprintimage compressing unit 142 a may select one or more of the fingerprint images INFO_1 and provide the selected fingerprint images for further processing by the fingerprintimage compressing unit 142 a in order to generate high-quality biometric information INFO_1 from two or more fingerprint images INFO_0. - Referring to
FIG. 3 , thecontrol system 130 a may include aNFC controller 131 a and anencryption processing unit 132 a. TheNFC controller 131 a andencryption processing unit 132 a may operate in response to the first power voltage VDD_C provided from thepower supply circuit 120 a to thecontrol subsystem 130 a. TheNFC controller 131 a may perform the same or similar functions as or to theNFC controller 131 ofFIG. 1 . - According to an exemplary embodiment, the first biometric information communicated by the portable
biometric authentication device 100 a to theterminal device 200 a via the NFC may be encrypted prior to transmission. That is, theencryption processing unit 132 a may encrypt the first biometric information INFO_1 provided by thesensor subsystem 140 a (e.g., the fingerprintimage compressing unit 142 a). Security of the fingerprint image(s) INFO_0 used during personal authentication must be maintained throughout the processes of acquiring, processing and most particularly during the transmission of the biometric information by the portablebiometric authentication device 100 a. Therefore, theencryption processing unit 132 a may be used to maintain the security of the biometric information INFO_1 (and the underlying fingerprint image(s) INFO_0) during transmission of the biometric information INFO_1 to theterminal device 200 a using NFC. Thus, in certain embodiments of the inventive concept, the first biometric information INFO_1 communicated by the portablebiometric authentication device 100 a may be encrypted data. As a result, theterminal device 200 a will include the components necessary to exchange encrypted data with the portablebiometric authentication device 100 a. Hence, theencryption processing unit 132 a ofFIG. 3 may be used to encrypt the first biometric information generated by the portablebiometric authentication device 100 a. A more detailed explanation of possible operations associated with theencryption processing unit 132 a ofFIG. 3 will be described with reference toFIGS. 6 and 7 hereafter. - Referring to
FIG. 4 , theterminal device 200 a may include aNFC antenna 210 a, aNFC subsystem 220 a, and apersonal authentication unit 230 a. TheNFC antenna 210 a andpersonal authentication unit 230 a may perform the same or similar functions as or to theNFC antenna 210 and thepersonal authentication unit 230 ofFIG. 1 . The NFC subsystem 220 a may include aNFC controller 221 a and anencryption processing unit 222 a. TheNFC controller 221 a may perform the same or similar functions as or to theNFC controller 221 ofFIG. 1 . - The
encryption processing unit 222 a may be used to decrypt the encrypted first biometric information received from the portablebiometric authentication device 100 a using NFC. As described with reference toFIG. 3 , theencryption processing unit 132 a of the portablebiometric authentication device 100 a may generate an encrypted, compressed, fingerprint image as the first biometric information INFO_1 that is communicated via an electromagnetic field generated by theNFC antenna 110 a. Theencryption processing unit 222 a of theterminal device 200 a may be used to decrypt the encrypted biometric information in order to generate corresponding second biometric information INFO_2 that is provided to thepersonal authentication unit 230 a. Theencryption processing unit 222 a may also be used to encrypt data (e.g., a biometric information request) communicated to the portablebiometric authentication device 100 a using NFC. A more detailed description of possible operations of theencryption processing unit 222 a will be described with reference toFIGS. 6 and 7 hereafter. - The
encryption processing unit 132 a of the portablebiometric authentication device 100 a and theencryption processing unit 222 a of theterminal device 200 a may be respectively implemented as an embedded secure element (eSE) indicating that an SE, which denotes an area including an element for safely storing or processing data, for example, financial information, authentication information, a service application, etc., which needs to be secured, is embedded in a semiconductor chip. For example, theencryption processing unit 132 a and theNFC controller 131 a of the portablebiometric authentication device 100 a may be embedded in one semiconductor chip, and theencryption processing unit 222 a and theNFC controller 221 a of theterminal device 200 a may be embedded in one semiconductor chip. -
FIG. 5 is a flowchart describing the interoperation between the portablebiometric authentication device 100 a andterminal device 200 a ofFIGS. 3 and 4 according to certain embodiments of the inventive concept.FIG. 5 shows a temporal flow of operations performed between the portablebiometric authentication device 100 a and theterminal device 200 a such that theterminal device 200 a receives a security function request and a security function is enabled. Hereinafter, the operations ofFIG. 5 will be described with reference toFIGS. 3 and 4 . - In operation S100, the
terminal device 200 a may check whether the security function request is received. The security function may be an operation that requires personal authentication and may include, for example, a payment function, a banking function, etc. Theterminal device 200 a may receive the security function request from the user. - In operation S110, the
terminal device 200 a and the portablebiometric authentication device 100 a may perform an operation of forming an encrypted NFC channel. As the encrypted NFC channel is formed, security of data exchanged between theterminal device 200 a and the portablebiometric authentication device 100 a may be maintained. A detailed description of operation S110 will be provided with reference toFIG. 6 hereafter. - In operation S120, the
terminal device 200 a and the portablebiometric authentication device 100 a may perform an operation of authenticating the portablebiometric authentication device 100 a. Then, in operation S130, theterminal device 200 a and the portablebiometric authentication device 100 a may perform an operation of authenticating theterminal device 200 a. Through the operation of authenticating theterminal device 200 a and the portablebiometric authentication device 100 a, security of the personal authentication using the portablebiometric authentication device 100 a may be reinforced. Detailed descriptions of operations S120 and S130 will be provided with reference toFIGS. 8 and 9 hereafter. - In operation S140, the portable
biometric authentication device 100 a may perform an operation of enabling thesensor subsystem 140 a. For example, theNFC controller 131 a may enable thesensor subsystem 140 a when theterminal device 200 a is successfully authenticated in operation S130. TheNFC controller 131 a may, for example, control thepower supply circuit 120 a to provide the second power voltage VDD_S to thesensor subsystem 140 a or may inactivate an enable input signal of thesensor subsystem 140 a. - In operation S150, the
terminal device 200 a may request the portablebiometric authentication device 100 a to acquire biometric information (e.g., a fingerprint image). In operation S160, the portablebiometric authentication device 100 a (e.g., thefingerprint sensor 141 a) may acquire the fingerprint image from a fingerprint of the user. In operation S170, the portablebiometric authentication device 100 a (e.g., theencryption processing unit 132 a) may encrypt the acquired fingerprint image. In operation S180, the portablebiometric authentication device 100 a (e.g., theNFC controller 131 a) may transmit the encrypted fingerprint image to theterminal device 200 a. - In operation S190, the
terminal device 200 a may determine whether the personal authentication succeeds. For example, theterminal device 200 a (e.g., theencryption processing unit 222 a) may decrypt the encrypted fingerprint image received from the portablebiometric authentication device 100 a. Then, theterminal device 200 a (e.g., thepersonal authentication unit 230 a) may compare the decrypted fingerprint image with a known (e.g., registered or vetted) fingerprint image associated with the user. If the decrypted fingerprint image is different from the registered fingerprint image for the user, theterminal device 200 a may re-request that the portablebiometric authentication device 100 a acquire a fingerprint image. On the other hand, if the decrypted fingerprint image is the same as the registered fingerprint image for the user, theterminal device 200 a may perform the security function in operation S200. -
FIG. 6 is a flowchart further illustrating in one example the operation S110 ofFIG. 5 according to an exemplary embodiment. As described with reference toFIG. 5 , theterminal device 200 a and the portablebiometric authentication device 100 a may perform the operation of forming the encrypted NFC channel in operation S110. - Referring to
FIG. 6 , in operation S111, theterminal device 200 a may generate an electromagnetic field. That is, theterminal device 200 a, as the initiator device of the NFC, may generate a carrier field. For example, theNFC controller 221 a may control theNFC antenna 210 a such that theNFC antenna 210 a generates the electromagnetic field. - In operation S112, the portable
biometric authentication device 100 a may generate one or more power signals from the received electromagnetic field. For example, thepower supply circuit 120 a may generate one or more power voltage(s) from an electrical current induced in theNFC antenna 110 a by the electromagnetic field generated by theNFC antenna 210 a of theterminal device 200 a. The power generated by thepower supply circuit 120 a may be provided to components of the portablebiometric authentication device 100 a, for example, thecontrol subsystem 130 a and thesensor subsystem 140 a, respectively. - In operation S113, the
terminal device 200 a may transmit a first encryption key to the portablebiometric authentication device 100 a, and in operation S114, the portablebiometric authentication device 100 a may transmit a second encryption key to theterminal device 200 a. The first encryption key may be used to encrypt biometric information (e.g., a fingerprint image) transmitted by the portablebiometric authentication device 100 a to theterminal device 200 a. The second encryption key may be used to encrypt data (e.g., a fingerprint image acquisition request, binary data, magnetic stripe data, etc.) transmitted by theterminal device 200 a to the portablebiometric authentication device 100 a. Detailed descriptions regarding reception/transmission of encrypted data will be provided with reference toFIG. 7 . The encrypted NFC channel may be formed between theterminal device 200 a and the portablebiometric authentication device 100 a through operations, that is, operations S111 to S114. -
FIG. 7 is a flowchart describing in one example the operations of receiving/transmitting data between theterminal device 200 a and portablebiometric authentication device 100 a using an encrypted NFC channel according to an exemplary embodiment.FIG. 7 shows the operation of receiving/transmitting encrypted data by theterminal device 200 a and the portablebiometric authentication device 100 a when the encrypted NFC channel is formed. Operations S211 to S213 show the transmission of the data from theterminal device 200 a to the portablebiometric authentication device 100 a, and operations S214 to S216 show the transmission of the data from the portablebiometric authentication device 100 a to theterminal device 200 a. - Referring to
FIG. 7 , in operation S211, theterminal device 200 a may encrypt the data by using the second encryption key. For example, theencryption processing unit 222 a of theterminal device 200 a may encrypt the data (e.g., a fingerprint image acquisition request, binary data, magnetic stripe data, etc.) by using the second encryption key. - In operation S212, the
terminal device 200 a may transmit the encrypted data to the portablebiometric authentication device 100 a. For example, theNFC controller 221 a of theterminal device 200 a may receive the encrypted data from theencryption processing unit 222 a and may transmit the encrypted data to the portablebiometric authentication device 100 a by controlling theNFC antenna 210 a based on the encrypted data. - In operation S213, the portable
biometric authentication device 100 a may decrypt the encrypted data by using the second encryption key. For example, theNFC controller 131 a of the portablebiometric authentication device 100 a may transmit the encrypted data, which is received via theNFC antenna 110 a, to theencryption processing unit 132 a, and theencryption processing unit 132 a may decrypt the encrypted data by using the second encryption key. - In operation S214, the portable
biometric authentication device 100 a may encrypt the biometric information using the first encryption key. For example, theencryption processing unit 132 a of the portablebiometric authentication device 100 a may encrypt the biometric information (e.g., a fingerprint image) using the first encryption key. - In operation S215, the portable
biometric authentication device 100 a may transmit the encrypted biometric information to theterminal device 200 a. For example, theNFC controller 131 a of the portablebiometric authentication device 100 a may receive the encrypted data from theencryption processing unit 132 a and may transmit the encrypted data to theterminal device 200 a by controlling theNFC antenna 110 a based on the encrypted data. - In operation S216, the
terminal device 200 a may decrypt the encrypted biometric information using the first encryption key. For example, theNFC controller 221 a of theterminal device 200 a may communicate the encrypted biometric information received via theNFC antenna 210 a to theencryption processing unit 222 a, and theencryption processing unit 222 a may decrypt the encrypted biometric information using the first encryption key. -
FIG. 8 is a flowchart describing in one example the operation S120 ofFIG. 5 according to an exemplary embodiment. As described with reference toFIG. 5 , in operation S120, theterminal device 200 a and the portablebiometric authentication device 100 a may perform the operation of authenticating the portablebiometric authentication device 100 a prior to the subsequent authentication of the user in response to user provided biometric information. According to an exemplary embodiment, the operation of authenticating the portablebiometric authentication device 100 a may be performed using theencryption processing unit 222 a of theterminal device 200 a in conjunction with theencryption processing unit 132 a of the portablebiometric authentication device 100 a. - Referring to
FIG. 8 , in operation S121, theterminal device 200 a may perform an operation of generating first authentication data and a first hash value H1. For example, theencryption processing unit 222 a of theterminal device 200 a may include a first hash function that is defined in advance. Theencryption processing unit 222 a may generate the first authentication data and may generate the first hash value H1 corresponding to the first authentication data based on the first hash function. Then, in operation S122, theterminal device 200 a may transmit the first authentication data to the portablebiometric authentication device 100 a. - In operation S123, the portable
biometric authentication device 100 a may generate a first test hash value H1′ regarding the first authentication data. For example, theencryption processing unit 132 a of the portablebiometric authentication device 100 a may include a second hash function that is defined in advance and may generate the first test hash value H1′ corresponding to the first authentication data received from theterminal device 200 a. Then, in operation S125, the portablebiometric authentication device 100 a may transmit the first test hash value H1′ to theterminal device 200 a. - In operation S126, the
terminal device 200 a may perform an operation of comparing the first hash value H1 with the first test hash value H1′. When the first hash value H1 is the same as the first test hash value H1′, theterminal device 200 a may determine that authentication of the portablebiometric authentication device 100 a is successfully performed in operation S127. That is, if the first hash value H1 corresponding to the first authentication data is the same as the first test hash value H1′ generated by the portablebiometric authentication device 100 a based on the first authentication data, then it may be determined that the first and second hash functions are the same, and then the portablebiometric authentication device 100 a may be authenticated. On the other hand, if the first hash value H1 is different from the first test hash value H1′, theterminal device 200 a may generate new first authentication data and a new first hash value Hl. -
FIG. 9 is a flowchart describing in one example the operation S130 ofFIG. 5 according to an exemplary embodiment. As described with reference toFIG. 5 , in operation S130, theterminal device 200 a and the portablebiometric authentication device 100 a may perform an operation authenticating theterminal device 200 a prior to the subsequent authentication of the user. According to an exemplary embodiment, the operation of authenticating theterminal device 200 a may be performed using theencryption processing unit 222 a of theterminal device 200 a in conjunction with theencryption processing unit 132 a of the portablebiometric authentication device 100 a. - Referring to
FIG. 9 , in operation S131, theterminal device 200 a may request the portablebiometric authentication device 100 a to transmit second authentication data. For example, theNFC controller 221 a of theterminal device 200 a may control theNFC antenna 210 a in response to the second authentication data request of theencryption processing unit 222 a and thus may transmit a second authentication data request to the portablebiometric authentication device 100 a. - In operation S132, the portable
biometric authentication device 100 a may generate the second authentication data and a second hash value H2. For example, theencryption processing unit 132 a of the portablebiometric authentication device 100 a may include a third hash function that is defined in advance. Theencryption processing unit 132 a may generate the second authentication data in response to the second authentication data request and may generate the second hash value H2 based on the third hash function. Then, in operation S113, the portablebiometric authentication device 100 a may transmit the second authentication data to theterminal device 200 a. - In operation S134, the
terminal device 200 a may generate a second test hash value H2′ regarding the second authentication data. For example, theencryption processing unit 222 a of theterminal device 200 a may include a fourth hash function that is defined in advance and may generate the second test hash value H2′ corresponding to the second authentication data received from the portablebiometric authentication device 100 a. Then, in operation S135, theterminal device 200 a may transmit the second test hash value H2′ to the portablebiometric authentication device 100 a. - In operation S136, the portable
biometric authentication device 100 a may perform an operation of comparing the second hash value H2 with the second test hash value H2′. When the second hash value H2 is the same as the second test hash value H2′, the portablebiometric authentication device 100 a may transmit an authentication result to theterminal device 200 a in operation S137 and may determine that the authentication of theterminal device 200 a is successfully performed in operation S128. That is, if the second hash value H2 corresponding to the second authentication data is the same as the second test hash value H2′ generated by theterminal device 200 a based on the second authentication data, then it may be determined that the third hash function is the same as the fourth hash function, and then theterminal device 200 a may be authenticated. If the authentication of theterminal device 200 a is successfully performed, the portablebiometric authentication device 100 a may perform a subsequent operation, for example, operation S140 ofFIG. 5 . On the other hand, if the second hash value H2 is different from the second test hash value H2′, the portablebiometric authentication device 100 a may generate new second authentication data and a new second hash value H2. -
FIG. 10 is a block diagram of a portablebiometric authentication device 100 b according to another embodiment of the inventive concept. The portablebiometric authentication device 100 b may update software or a program based on data received from a terminal device (e.g., aterminal device 200 b ofFIG. 11 ) using NFC. - Referring to
FIG. 10 , the portablebiometric authentication device 100 b may include aNFC antenna 110 b, apower supply circuit 120 b, acontrol subsystem 130 b, asensor subsystem 140 b, and anon-volatile memory device 150 b. TheNFC antenna 110 b, thepower supply circuit 120 b, and thesensor subsystem 140 b may perform the same or similar functions as or to theNFC antenna 110 a, thepower supply circuit 120 a, and thesensor subsystem 140 a ofFIG. 3 . - The
non-volatile memory device 150 b may retain stored data even in the absence of applied power. Thenon-volatile memory device 150 b may include an Electrically Erasable Programmable Read-Only Memory (EEPROM), flash memory, Phase Change Random Access Memory (PRAM), Resistance Random Access Memory (RRAM), Nano Floating Gate Memory (NFGM), Polymer Random Access Memory (PoRAM), Magnetic Random Access Memory (MRAM), Ferroelectric Random Access Memory (FRAM), or the like, but thenon-volatile memory device 150 b is not limited thereto. - The
non-volatile memory device 150 b may receive a third power voltage VDD_M from thepower supply circuit 120 b and may store, in a non-volatile manner, a program or a parameter that defines operations of thecontrol subsystem 130 b and/or thesensor subsystem 140 b. For example, theNFC controller 131 b and/or afingerprint sensor 141 b may operate based on the program or parameter stored in thenon-volatile memory device 150 b. The data stored in thenon-volatile memory device 150 b may be updated as data received via NFC, and accordingly, the operations of thecontrol subsystem 130 b and/or thesensor subsystem 140 b may change. That is, software of the portablebiometric authentication device 100 b may be updated. Detailed descriptions regarding the update of the software of the portablebiometric authentication device 100 b will be provided below with reference toFIG. 11 . - Although
FIG. 10 shows that the portablebiometric authentication device 100 b includes onenon-volatile memory device 150 b, but the inventive concept is not limited thereto. That is, according to an exemplary embodiment, the portablebiometric authentication device 100 b may include two or more non-volatile memory devices to which power is applied by thepower supply circuit 120 b respectively, and thecontrol subsystem 130 b and thesensor subsystem 140 b may respectively access different non-volatile memory devices. Also, each of the non-volatile memory devices may be updated as the data is received using NFC. -
FIG. 11 is a flowchart describing one possible operation of updating the software of the portablebiometric authentication device 100 b ofFIG. 10 according to an exemplary embodiment. - In operation S300, the
terminal device 200 b may check whether a software (SW) update request is received. For example, the SW update request may be input to theterminal device 200 b from the user or may be transmitted from a update program. - In operation S310, the
terminal device 200 b may transmit the SW update request and binary data to the portablebiometric authentication device 100 b. The binary data may correspond to a program or a parameter that defines the operations of thecontrol subsystem 130 b and/or thesensor subsystem 140 b. - In operation S320, in the portable
biometric authentication device 100 b, an operation of writing the binary data to thenon-volatile memory device 150 b may be performed. For example, theNFC controller 131 b may control the operation of writing the binary data to thenon-volatile memory device 150 b in response to a SW update request, and thus, the operations of thecontrol subsystem 130 b and/or thesensor subsystem 140 b may change. - In operation S330, the portable
biometric authentication device 100 b may transmit a SW update result to theterminal device 200 b. For example, the portablebiometric authentication device 100 b may transmit, to theterminal device 200 b, a size of the data written to thenon-volatile memory device 150 b, a time taken to perform the operation of writing the data, information about errors that occur during the operation of writing the data, or the like. -
FIG. 12 is a block diagram illustrating a portablebiometric authentication device 100 c and aterminal device 200 c according to still another embodiment of the inventive concept. The portablebiometric authentication device 100 c may be used as a payment medium by transmitting a magnetic pulse to a card terminal based on magnetic stripe data received from theterminal device 200 c, that is, by supporting magnetic stripe transmission (MST). - As shown in
FIG. 12 , the portablebiometric authentication device 100 c may include aNFC antenna 110 c, apower supply circuit 120 c, acontrol subsystem 130 c, asensor subsystem 140 c, and aninductor 160 c. TheNFC antenna 110 c, thepower supply circuit 120 c, thecontrol subsystem 130 c, and thesensor subsystem 140 c of the portablebiometric authentication device 100 c may perform the same or similar functions as or to their corresponding components of the portablebiometric authentication device 100 ofFIG. 1 . Also, theterminal device 200 c may include aNFC antenna 210 c, aNFC subsystem 220 c, and apersonal authentication unit 230 c. TheNFC antenna 210 c, theNFC subsystem 220 c, and thepersonal authentication unit 230 c of theterminal device 200 c may perform the same or similar functions as or to their corresponding components of theterminal device 200 ofFIG. 1 . - Referring to
FIG. 12 , thepersonal authentication unit 230 c of theterminal device 200 c may provide magnetic stripe data MSD to theNFC subsystem 220 c. The magnetic stripe data (MSD) is information that is stored by spreading a magnetic substance on a credit card, etc. and may include payment information. When the personal authentication succeeds by using a personal authentication method according to any one of embodiments of the inventive concept, thepersonal authentication unit 230 c may provide the magnetic stripe data to theNFC subsystem 220 c in order to transmit the magnetic stripe data to the portablebiometric authentication device 100 c. - Referring to
FIG. 12 , the portablebiometric authentication device 100 c (e.g., thecontrol subsystem 130 c) may include theNFC controller 131 c and aninductor driver 133 c. TheNFC controller 131 c may receive the magnetic stripe data MSD from theterminal device 200 c via theNFC antenna 110 c and may provide the magnetic stripe data MSD to theinductor driver 133 c. Theinductor driver 133 c may generate a signal transmitted to theinductor 160 c in such a manner that theinductor 160 c generates a magnetic flux to the outside of the portablebiometric authentication device 100 c based on the magnetic stripe data MSD. The magnetic stripe data MSD may be transmitted to a card terminal through the magnetic flux or a magnetic pulse generated by theinductor 160 c. The portablebiometric authentication device 100 c may improve payment convenience by supporting the MST and the personal authentication using the biometric information. -
FIG. 13 is a flowchart describing in one example the operations performed between the portablebiometric authentication device 100 c and theterminal device 200 c ofFIG. 12 according to an exemplary embodiment. That is,FIG. 13 shows an operation of performing, by the portablebiometric authentication device 100 c and theterminal device 200 c ofFIG. 12 , the MST as an example of a security function performed in operation S200 ofFIG. 5 . - Referring to
FIG. 13 , theterminal device 200 c may request disablement of afingerprint sensor 141 c in operation S201. Then, in operation S202, thefingerprint sensor 141 c of the portablebiometric authentication device 100 c may be disabled. That is, in the portablebiometric authentication device 100 c to which power is provided from theterminal device 200 c via the NFC, thefingerprint sensor 141 c (or thesensor subsystem 140 c) is disabled to drive theinductor 160 c while the MST is being performed, and thus power provided to thefingerprint sensor 141 c may be blocked. - In operation S203, the
terminal device 200 c may transmit the magnetic stripe data to the portablebiometric authentication device 100 c. The magnetic stripe data may be encrypted, and the encrypted magnetic stripe data may be transmitted to the portablebiometric authentication device 100 c using NFC. - In operation S204, an operation of operating the
inductor 160 c may be performed to generate the magnetic pulse in the portablebiometric authentication device 100 c. For example, theNFC controller 131 c may provide the magnetic stripe data received from theterminal device 200 c to theinductor driver 133 c, and theinductor driver 133 c may drive theinductor 160 c based on the magnetic stripe data. Accordingly, theinductor 160 c may generate a magnetic pulse corresponding to the magnetic stripe data. - In operation S205, the
terminal device 200 c may receive a payment result via a communication network. For example, theterminal device 200 c may be a mobile phone that communicates with a bank server via a wireless communication network and may receive the payment result, which is produced by transmission of the magnetic stripe that is performed in operations S201 to S204, from the bank server. -
FIG. 14 is a block diagram illustrating in one example aterminal device 200 d according to an exemplary embodiment. As shown inFIG. 14 , aNFC subsystem 220 d may include aNFC controller 221 d and anencryption processing unit 222 d. TheNFC controller 221 d and theencryption processing unit 222 d may perform the same or similar functions as or to theNFC controller 221 a and theencryption processing unit 222 a ofFIG. 4 . - Referring to
FIG. 14 , theterminal device 200 d may include aprocessor 230 d. Theprocessor 230 d may be a multi-core processor including two or more cores for independently executing instructions. Theprocessor 230 d may execute an operating system that provides a kernel space and a user space. For example, as shown inFIG. 14 , theprocessor 230 d may execute aNFC driver 231 d in the kernel space and may execute aNFC framework 232 d, afingerprint framework 233 d, and auser application 234 d in the user space. The framework (e.g., theNFC framework 232 d or thefingerprint framework 233 d) may provide generic functionality to the user space, and theuser application 234 d may be efficiently designed based on theNFC framework 232 d or thefingerprint framework 233 d. - Methods of operating a terminal device according to the above-described embodiments may be performed by the
processor 230 d. For example, operations, for example, payment, banking, etc., which require personal authentication may be implemented by theuser application 234 d. Through thefingerprint framework 233 d, theuser application 234 d may request personal authentication using fingerprints when a security function is performed. Thefingerprint framework 233 d may perform at least one of operations S100 to S200 ofFIG. 5 by communicating with a portable biometric authentication device (e.g., the portablebiometric authentication device 100 ofFIG. 1 ) through theNFC framework 232 d. TheNFC framework 232 d may provide an interface for the NFC to theuser application 234 d and thefingerprint framework 233 d, and theNFC driver 231 d may provide theNFC framework 232 d with an interface regarding theNFC subsystem 220 d that is an independent hardware device. -
FIG. 15 is a block diagram illustrating acomputing system 400 and a portablebiometric authentication device 300 according to an exemplary embodiment. According to an exemplary embodiment, the portablebiometric authentication device 300 may communicate with thecomputing system 400 using NFC. - Referring to
FIG. 15 , thecomputing system 400 may include acentral processing unit 410, amemory subsystem 420, auser interface 430, and aNFC subsystem 440. Thecentral processing unit 410, thememory subsystem 420, theuser interface 430, and theNFC subsystem 440 may communicate with each other via abus 450. Although not shown inFIG. 15 , thecomputing system 400 may communicate with a video card, a sound card, a memory card, a USB device, or the like or may further include a port communicating with other devices. - The
central processing unit 410 may perform certain calculations or certain tasks. Thecentral processing unit 410 may access thememory subsystem 420 via thebus 450 and may execute multiple instructions stored in thememory subsystem 420. According to an exemplary embodiment, thecentral processing unit 410 may perform the operations of the personal authentication unit or the operations of theprocessor 230 d ofFIG. 14 . - The
memory subsystem 420 may include one or more memory devices and memory controllers. In an exemplary embodiment, thememory subsystem 420 may include volatile memory device, and the volatile memory device may function as a cache memory. For example, thememory subsystem 420 is a volatile memory device and may include Dynamic Random Access Memory (DRAM), Static Random Access Memory (SRAM), mobile DRAM, Double Data Rate Synchronous Dynamic Random Access Memory (DDR SDRAM), Low Power DDR (LPDDR) SDRAM, Graphic DDR (GDDR) SDRAM, Rambus Dynamic Random Access Memory (RDRAM), or the like. - The
memory subsystem 420 may be a non-volatile memory device, and the non-volatile memory device may store instructions that form a program executed in thecentral processing unit 410. For example, thememory subsystem 420 may be a non-volatile memory device and may include Electrically Erasable Programmable Read-Only Memory (EEPROM), flash memory, PRAM, RRAM, NFGM, PoRAM, MRAM, FRAM, or the like. - The
user interface 430 may include an input device such as a keyboard, a keypad, a mouse, or the like in order to receive an input signal from the user and may include an output device such as a printer, a display device, or the like in order to provide an output signal to the user. - The
NFC subsystem 440 may perform NFC with electronic devices that include the portablebiometric authentication device 300 and support the NFC. According to an exemplary embodiment, theNFC subsystem 440 may control transmission of binary data, authentication data, an encryption key, magnetic stripe data, or the like to the portablebiometric authentication device 300 via a NFC antenna. Also, theNFC subsystem 440 may control reception of a fingerprint image, the authentication data, the encryption key, or the like from the portablebiometric authentication device 300 via the NFC antenna. - Referring to
FIG. 15 , the portablebiometric authentication device 300 may include apower supply circuit 320, acontrol subsystem 330, and asensor subsystem 340, and thepower supply circuit 320, thecontrol subsystem 330, and thesensor subsystem 340 may each perform operations according to exemplary embodiments. For example, thepower supply circuit 320 may generate power based on the electromagnetic field induced from the electromagnetic field generated by thecomputing system 400 and may respectively provide the generated power to thecontrol subsystem 330 and thesensor subsystem 340. -
FIG. 16 is a conceptual diagram of acard 500 according to an exemplary embodiment. A portable biometric authentication device may be embodied as thecard 500 due to a simple structure and a small form factor. That is, as shown inFIG. 16 , thecard 500 may include aNFC antenna 510 and afingerprint sensor 520. - The
card 500 may be used as an independent payment medium such as a credit card, a debit card, etc. or may be used as a personal authentication device using the NFC and the fingerprint image. - While the inventive concept has been particularly shown and described with reference to embodiments thereof, it will be understood that various changes in form and details may be made therein without departing from the scope of the following claims.
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/547,388 US20190379659A1 (en) | 2015-10-29 | 2019-08-21 | Portable biometric authentication device and terminal device using near field communication |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR10-2015-0151099 | 2015-10-29 | ||
KR1020150151099A KR102461325B1 (en) | 2015-10-29 | 2015-10-29 | Portable biometric authentication device and terminal device using near field communication |
US15/333,343 US10404695B2 (en) | 2015-10-29 | 2016-10-25 | Portable biometric authentication device and terminal device using near field communication |
US16/547,388 US20190379659A1 (en) | 2015-10-29 | 2019-08-21 | Portable biometric authentication device and terminal device using near field communication |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/333,343 Division US10404695B2 (en) | 2015-10-29 | 2016-10-25 | Portable biometric authentication device and terminal device using near field communication |
Publications (1)
Publication Number | Publication Date |
---|---|
US20190379659A1 true US20190379659A1 (en) | 2019-12-12 |
Family
ID=58635092
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/333,343 Active 2037-02-21 US10404695B2 (en) | 2015-10-29 | 2016-10-25 | Portable biometric authentication device and terminal device using near field communication |
US16/547,388 Abandoned US20190379659A1 (en) | 2015-10-29 | 2019-08-21 | Portable biometric authentication device and terminal device using near field communication |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/333,343 Active 2037-02-21 US10404695B2 (en) | 2015-10-29 | 2016-10-25 | Portable biometric authentication device and terminal device using near field communication |
Country Status (2)
Country | Link |
---|---|
US (2) | US10404695B2 (en) |
KR (1) | KR102461325B1 (en) |
Families Citing this family (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10467402B2 (en) * | 2016-08-23 | 2019-11-05 | Lenovo (Singapore) Pte. Ltd. | Systems and methods for authentication based on electrical characteristic information |
SE1750836A1 (en) * | 2017-06-28 | 2018-12-29 | Fingerprint Cards Ab | Fingerprint sensor module comprising antenna and method for manufacturing a fingerprint sensor module |
US10186749B1 (en) | 2017-09-18 | 2019-01-22 | Qualcomm Incorporated | Systems and methods for a remote near field communication antenna unit |
SG11202004111RA (en) | 2017-11-06 | 2020-06-29 | Visa Int Service Ass | Biometric sensor on portable device |
SE1751451A1 (en) * | 2017-11-24 | 2019-05-25 | Fingerprint Cards Ab | Biometric template handling |
US11138333B2 (en) | 2018-03-07 | 2021-10-05 | Private Identity Llc | Systems and methods for privacy-enabled biometric processing |
US11210375B2 (en) | 2018-03-07 | 2021-12-28 | Private Identity Llc | Systems and methods for biometric processing with liveness |
US11170084B2 (en) * | 2018-06-28 | 2021-11-09 | Private Identity Llc | Biometric authentication |
US10721070B2 (en) | 2018-03-07 | 2020-07-21 | Private Identity Llc | Systems and methods for privacy-enabled biometric processing |
US11502841B2 (en) | 2018-03-07 | 2022-11-15 | Private Identity Llc | Systems and methods for privacy-enabled biometric processing |
US10938852B1 (en) | 2020-08-14 | 2021-03-02 | Private Identity Llc | Systems and methods for private authentication with helper networks |
US11789699B2 (en) | 2018-03-07 | 2023-10-17 | Private Identity Llc | Systems and methods for private authentication with helper networks |
US11489866B2 (en) | 2018-03-07 | 2022-11-01 | Private Identity Llc | Systems and methods for private authentication with helper networks |
US11394552B2 (en) | 2018-03-07 | 2022-07-19 | Private Identity Llc | Systems and methods for privacy-enabled biometric processing |
US11265168B2 (en) | 2018-03-07 | 2022-03-01 | Private Identity Llc | Systems and methods for privacy-enabled biometric processing |
US11392802B2 (en) | 2018-03-07 | 2022-07-19 | Private Identity Llc | Systems and methods for privacy-enabled biometric processing |
KR20190109104A (en) * | 2018-03-16 | 2019-09-25 | 주식회사 시솔지주 | Non power finger scan card and operating method of the same |
KR102579881B1 (en) * | 2018-03-27 | 2023-09-18 | 삼성전자주식회사 | A near field communication integrated circuit and wireless communication device including the same |
US20210224403A1 (en) * | 2018-06-18 | 2021-07-22 | Koninklijke Philips N.V. | Secure remote image analysis based on randomized data transformation |
KR102507519B1 (en) * | 2018-08-20 | 2023-03-08 | 삼성전자주식회사 | Electronic device for controlling specified functions based on electromagnetic signal detection and method thereof |
KR102455588B1 (en) * | 2018-12-06 | 2022-10-14 | 동우 화인켐 주식회사 | Antenna structure and display device including the same |
KR102214358B1 (en) * | 2019-06-14 | 2021-02-09 | 주식회사 루프 | Data input and output structure in differential signal lines having signal extracting unit |
GB2588661B (en) * | 2019-10-31 | 2023-11-22 | Zwipe As | Biometrically protected device |
US11467848B2 (en) * | 2020-05-07 | 2022-10-11 | Capital One Services, Llc | Portable operating system and portable user data |
US20220303131A1 (en) * | 2021-03-17 | 2022-09-22 | Apple Inc. | Split processing of biometric data |
US20230169596A1 (en) * | 2021-11-30 | 2023-06-01 | Capital One Services, Llc | Systems and techniques for authenticating insurance claims |
Family Cites Families (29)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
AU2003255949A1 (en) | 2002-07-09 | 2004-01-23 | Neology, Inc. | System and method for providing secure identification solutions |
JP2005346606A (en) | 2004-06-07 | 2005-12-15 | Matsushita Electric Ind Co Ltd | Electronic settlement system using mobile telephone |
JP2006060392A (en) | 2004-08-18 | 2006-03-02 | Nec Corp | Unauthorized-use preventive system and identification method for information terminal device |
JP4736744B2 (en) * | 2005-11-24 | 2011-07-27 | 株式会社日立製作所 | Processing device, auxiliary information generation device, terminal device, authentication device, and biometric authentication system |
US20070131759A1 (en) | 2005-12-14 | 2007-06-14 | Cox Mark A | Smartcard and magnetic stripe emulator with biometric authentication |
US8395478B2 (en) | 2006-10-30 | 2013-03-12 | Broadcom Corporation | Secure profile setting in a shared device |
US9237018B2 (en) * | 2007-07-05 | 2016-01-12 | Honeywell International Inc. | Multisystem biometric token |
US20090144456A1 (en) * | 2007-11-30 | 2009-06-04 | Alexander David Gelf | Interface Device for Securely Extending Computer Functionality |
KR100946989B1 (en) | 2007-12-28 | 2010-03-15 | 전자부품연구원 | Apparatus and method for wireless sensing |
US8814052B2 (en) * | 2008-08-20 | 2014-08-26 | X-Card Holdings, Llc | Secure smart card system |
KR101047906B1 (en) | 2008-09-09 | 2011-07-08 | 전자부품연구원 | Operating System and Method of RF Card Using Fingerprint Sensor |
JP5969209B2 (en) * | 2008-12-15 | 2016-08-17 | カードラボ エーピーエスCardlab Aps | RFID tag |
JP2011048523A (en) | 2009-08-26 | 2011-03-10 | Kyocera Corp | Portable radio terminal |
KR101574968B1 (en) | 2010-11-01 | 2015-12-08 | 한국전자통신연구원 | Portable sensor apparatus, and service system based on biometric Authentication including the same |
US8762742B2 (en) * | 2011-05-16 | 2014-06-24 | Broadcom Corporation | Security architecture for using host memory in the design of a secure element |
EP2525298B1 (en) | 2011-05-17 | 2016-07-13 | Nxp B.V. | Authentication method |
US9204298B2 (en) * | 2011-09-13 | 2015-12-01 | Bank Of America Corporation | Multilevel authentication |
US20130090942A1 (en) * | 2011-10-11 | 2013-04-11 | Safe-Link, Llc | Sytem and method for preventing healthcare fraud |
US8494838B2 (en) * | 2011-11-10 | 2013-07-23 | Globili Llc | Systems, methods and apparatus for dynamic content management and delivery |
US9740342B2 (en) * | 2011-12-23 | 2017-08-22 | Cirque Corporation | Method for preventing interference of contactless card reader and touch functions when they are physically and logically bound together for improved authentication security |
US20130254117A1 (en) * | 2011-12-30 | 2013-09-26 | Clay W. von Mueller | Secured transaction system and method |
US9633247B2 (en) | 2012-03-01 | 2017-04-25 | Apple Inc. | Electronic device with shared near field communications and sensor structures |
US20150127553A1 (en) | 2012-06-06 | 2015-05-07 | Mohan Sundaram | Intelligent payment card and a method for performing secure transactions using the payment card |
US9436940B2 (en) * | 2012-07-09 | 2016-09-06 | Maxim Integrated Products, Inc. | Embedded secure element for authentication, storage and transaction within a mobile terminal |
US9223942B2 (en) | 2013-10-31 | 2015-12-29 | Sony Corporation | Automatically presenting rights protected content on previously unauthorized device |
US10121144B2 (en) | 2013-11-04 | 2018-11-06 | Apple Inc. | Using biometric authentication for NFC-based payments |
US9153998B2 (en) * | 2013-12-02 | 2015-10-06 | Qualcomm Incorporated | Wireless power orthogonal polarization antenna array |
FR3025388B1 (en) * | 2014-09-01 | 2019-08-23 | Lg Electronics Inc. | PORTABLE TERMINAL ON SELF |
US10162347B2 (en) * | 2015-04-20 | 2018-12-25 | Lg Electronics Inc. | Mobile terminal and method for controlling the same |
-
2015
- 2015-10-29 KR KR1020150151099A patent/KR102461325B1/en active IP Right Grant
-
2016
- 2016-10-25 US US15/333,343 patent/US10404695B2/en active Active
-
2019
- 2019-08-21 US US16/547,388 patent/US20190379659A1/en not_active Abandoned
Also Published As
Publication number | Publication date |
---|---|
US10404695B2 (en) | 2019-09-03 |
KR102461325B1 (en) | 2022-10-31 |
US20170126672A1 (en) | 2017-05-04 |
KR20170050055A (en) | 2017-05-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10404695B2 (en) | Portable biometric authentication device and terminal device using near field communication | |
JP5920747B1 (en) | Application programs and cards | |
KR102204247B1 (en) | Apparatus and Method for processing biometric information in a electronic device | |
KR101830952B1 (en) | Using biometric authentication for nfc-based payments | |
US10194318B2 (en) | Systems and methods for NFC access control in a secure element centric NFC architecture | |
KR101971329B1 (en) | Provisioning and authenticating credentials on an electronic device | |
US20210044575A1 (en) | Electronic device and method for generating attestation certificate based on fused key | |
EP3709205B1 (en) | Electronic device including secure integrated circuit | |
US11416598B2 (en) | Authentication and generation of information for authentication | |
EP3648038A1 (en) | Writing and payment method, apparatus and device for nfc portable device | |
US9563773B2 (en) | Systems and methods for securing BIOS variables | |
US20210026983A1 (en) | Electronic device and method for protecting personal information using secure switch | |
WO2016019206A1 (en) | Smart card reader with public key index on host device | |
KR102071438B1 (en) | Payment authentication method and apparatus of mobile terminal and mobile terminal | |
WO2017076270A1 (en) | Smart card having function of one time password (otp), and work method therefor | |
US20170277879A1 (en) | Ic card, ic module, and ic card system | |
KR102650721B1 (en) | Electronic device and method for processing remote payment | |
CN105184564B (en) | Card-free payment method and system | |
JP2015060407A (en) | Ic card, portable terminal, and ic card processing system | |
US9113329B2 (en) | Mobile device learning mode for secure identification | |
EP4345664A1 (en) | Electronic device for protecting bio-information of user | |
US20230359530A1 (en) | Electronic device for supporting data backup, and operation method thereof | |
US20220103350A1 (en) | Electronic device for selecting key to be used for encryption on basis of amount of information of data to be encrypted, and operation method of electronic device | |
CN117957538A (en) | Electronic device for protecting biological information of user | |
KR20210010593A (en) | Apparatus and Method for processing biometric information in a electronic device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: ADVISORY ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |