WO2005083532A1 - Systeme de verification d'identite avec carte a auto-identifcation - Google Patents

Systeme de verification d'identite avec carte a auto-identifcation Download PDF

Info

Publication number
WO2005083532A1
WO2005083532A1 PCT/US2005/005849 US2005005849W WO2005083532A1 WO 2005083532 A1 WO2005083532 A1 WO 2005083532A1 US 2005005849 W US2005005849 W US 2005005849W WO 2005083532 A1 WO2005083532 A1 WO 2005083532A1
Authority
WO
WIPO (PCT)
Prior art keywords
card
data
self
stored
identity
Prior art date
Application number
PCT/US2005/005849
Other languages
English (en)
Inventor
Rudy Simon
Original Assignee
Rudy Simon
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Rudy Simon filed Critical Rudy Simon
Priority to CA002507745A priority Critical patent/CA2507745A1/fr
Publication of WO2005083532A1 publication Critical patent/WO2005083532A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • the present invention relates generally to the field of personal identity verification, and particularly, to a system of storing, reading, and verifying identity information.
  • a tracking system comprising an ID card that bears personal data of a card bearer, in machine-readable form.
  • the data includes biometric, as well as biographic, data that describes the legitimate card bearer.
  • the biometric data includes biometric features that are unique to the legitimate card bearer, such as a fingerprint, a retinal scan, a unique DNA sequence, a facial image, a voice print, etc.
  • the data are digitally encoded and encrypted and are readable only with the appropriate scanning or reading device.
  • the ID card of in U.S. Patent Application No. 10/198 342 was envisioned as being used in conjunction with a database, such as a national registry, and with a network of readers or scanners that were linked to the national registry, either via land- based, satellite, or broadcast telecommunication means.
  • a database such as a national registry
  • a network of readers or scanners that were linked to the national registry, either via land- based, satellite, or broadcast telecommunication means.
  • patent application cited above discloses an ID card that provides many of the features of a tamper-proof card that carries data for one or more biometric features of the legitimate card bearer. What is needed in addition to the tamper-proof card is a stand-alone or mobile card-reading system for reading the data on the ID card and verifying the identity of the card bearer. In other words, what is needed is an ID card that contains all the necessary features and data to verify the identification of a card bearer, without relying on continuous access to a central database.
  • the card bearer Even if the card bearer has memorized the PIN and not written it down, the card bearer may still be forced to disclose the PIN to an unauthorized party under threat of violence. For example, if the card provides access to one's bank account via an automated teller machine, the other party may now use the PIN and the card to gain access to the card bearer's account to illegally draw funds from it.
  • the card bearer may now use the PIN and the card to gain access to the card bearer's account to illegally draw funds from it.
  • What is still yet further needed is such a system that is a mobile system that does not require a continuous link to a computer database for proper verification of the identity of the presenting card bearer.
  • a self-authenticating data card system comprising a tamper-proof identity card that carries biometric data and card-reading apparatus for reading the identity card, including the biometric data. It is a further object to provide such a system that verifies the identity of the card bearer by comparing the biometric data on the card with biometric data contemporaneously obtained from the card bearer. It is a yet further object to provide an ID card that provides no information on the identity of the authorized card bearer until the identity of the card bearer has been verified. It is a still yet further object to provide such a system that is a mobile system that provides identity verification of the presenting card bearer without requiring a continuous link to a computer database.
  • the objects are achieved by providing a self-authenticating data card system that includes a tamper-proof self-authenticating data card and identity- verification apparatus that includes a data display.
  • the self-authenticating data card includes a programmable chip, a biometrics sensor, and a data lock.
  • the programmable chip contains stored data that includes biographic and biometric data of the legitimate card bearer.
  • the identity-verification apparatus includes a data processing unit for processing the stored data and circuitry for transmitting the stored data to the data processing unit. If the identity-verification apparatus also includes a biometrics sensor, the circuitry also controls release of the data lock.
  • the biometrics sensor which may be incorporated into the self-authenticating data card or or the identity-verification apparatus, senses a biometric feature of the presenting card bearer.
  • the data lock is a software-controlled gate that compares the biometric data that is contemporaneously obtained from the presenting card bearer (actual biometric data) with the biometric data stored on the self-authenticating data card (stored biometric data). Upon determining a match between the actual biometric data and the stored biometric data, the data lock is released and the stored data are made available to the identity-verification apparatus for processing and display on the data display.
  • presenting card bearer refers to the person presenting the self-authenticating data card in the course of an identity verification.
  • legitimate card bearer refers to the person to whom the self- authenticating data card was issued.
  • stored data includes both biographic and biometric data that is stored on the self-authenticating data card, whereas the term “stored biometric data” refers to the biometric data only that is stored on the card.
  • actual biometric data refers to biometric data that is contemporaneously obtained from the presenting card bearer.
  • Insertion of the self-authenticating data card into the identity-verification apparatus activates the data lock, which awaits input of actual biometric data.
  • the card bearer must first provide actual biometric data, which are then compared with the stored biometric data. When a match between the two biometrics is determined, the stored data are made available for the data display. Assuming that the biometric data are of a feature that is unique to an individual, this comparison of the actual biometric data provided by the presenting card cardbearer with the stored biometric data are the self- authenticating feature of the self-authenticating data card system that makes the ID card virtually tamper-proof.
  • the biometric data may include data for any number of biometric characteristics, such as a fingerprint, a thumbprint, a voice print, a retinal scan, a facial scan, a digital code of a DNA sequence, etc. Furthermore, data for more than one biometric feature may be included on one self-authenticating data card.
  • a commonly known and used biometric is that of the fingerprint and, for purposes of illustration only, the fingerprint will be used hereinafter to describe the basic functional features of the self-authenticating data card system.
  • the biometrics sensor in this case, a fingerprint sensor, is provided directly on the self-authenticating data card and the card bearer is required to provide the actual biometric data, that is, to apply the appropriate fingertip to the sensor.
  • the programmed chip on the self-authenticating data card then compares the sensed fingerprint with the fingerprint stored on the self- authenticating data card and indicates a match or a mismatch. Verification of a match between actual and stored biometric data confirms that the presenting card bearer is the legitimate card bearer. Once a match has been determined, the lock on the data is released and the data are transmitted via the card reader to the data processing unit.
  • the card bearer now has access to the facilities, services, etc. for which the identification was required. So, for example, if the self-authenticating data card system is used to secure access to a facility or a service, verification of the identity of the card bearer may release a physical barrier or lift a processing block and allow access to the facility or service, respectively.
  • the self-authenticating data card may serve as a general identification card, an employee ID card, a credit/debit or ATM card, an access card for preventing unauthorized access to a computer, a special-event ID card, or any combination thereof.
  • the identity- verification apparatus then includes a display panel.
  • An optional feature of the self- authenticating data card according to the invention is an image of the legitimate card bearer that is veiled, i.e., unreadable without the necessary software and/or apparatus to read it. Upon determining a match between the actual and the stored biometric data, the data lock releases the data, and the image and other pertinent data are unveiled and shown on the display, allowing the security personnel to review the data on the display.
  • the unveiled image of the card bearer may be magnified to provide better ability to scrutinize the image and compare it with the appearance of the presenting card bearer.
  • the stored image of the card bearer may also be a three-dimensional image, allowing the security person who is also verifying the identity to rotate the image to obtain a view that corresponds with the view presented by the presenting card bearer.
  • biometric data are encoded and incorporated in the self-authenticating data card such that the data are machine-readable. If the biometric data are to include a fingerprint, the fingerprint is taken from the intended card bearer and converted to electronic form. When the self-authenticating data card is being created, the fingerprint data are downloaded onto a microchip that is incorporated into the self-authenticating data card. As mentioned above, the card is also equipped with a fingerprint sensor. Since the card bearer carries his fingerprint data with im at all times, it is logistically a simple matter to require the presenting card bearer to apply the appropriate fingertip to the fingerprint sensor for purposes of authentication.
  • the identity authentication process just described applies equally well when used with other biometric features and the biometric sensor senses a facial scan, a retinal scan, a voice scan, etc. It is also possible to use a DNA sequence as the stored biometric data. As described above, a DNA sample is taken from the legitimate card bearer, a particular DNA sequence selected and analyzed, and the results stored in digital form and, eventually, downloaded onto the programmed chip in the card. Since the card bearer carries his or her genetic information at all times, it is a relatively simple matter to obtain a sample of DNA from the presenting card bearer at any time and location.
  • a scrape of the inner cheek of the card bearer with a swab provides sufficient tissue to obtain a sample of DNA for analysis.
  • An on-site DNA analyzer including DNA biometrics sensor, for analyzing the actual DNA sample of the presenting card bearer may be incorporated into the card reader, provided as separate DNA test unit, or provided on a chip that is incorporated onto the self- authenticating data card.
  • the presenting card bearer applies a sample of saliva to the DNA biometrics sensor, which then analyzes the DNA for a particular sequence and transmits the results in digital form to the data lock gate on the self-authenticating data card. If a match is determined, the data lock is released and the stored data made available for processing and/or display.
  • the particular method of analyzing the DNA sample suitable for use with the self-authenticating data card system is a method based on a hybridization of DNA molecules, as disclosed in US Patent 6,376,177 B1 (Vladimir Poponin; 2002), the complete disclosure of which is incorporated herein by reference.
  • the method and apparatus disclosed therein enable analysis of DNA molecules, using near field surface enhanced Raman scattering for direct spectroscope detection of hybridized DNA molecules and enables analysis of DNA molecules, without the use of radioisotope labels, within a short period of time (minutes).
  • Another method suitable for use with the self-authenticating data card is a method suitable for use with the self-authenticating data card.
  • DNA sensor on a chip recently developed by Purdue University.
  • the DNA sensor combines a pulsing laser emitter, a blue light filter, and a photo-detector on a single chip.
  • DNA molecules are tagged with a certain dye.
  • a powerful laser using "laser liftoff' technology, transfers an LED film from one layer on the chip to a filtering layer, which screens out blue light and allows the photo-detectot to detect only the green light emitted by the DNA molecules.
  • the card reader transmits the stored data to the data processing unit, which contains proprietary software for processing the stored data.
  • the identity-verification apparatus also includes a display panel and data input means.
  • the identity-verification apparatus may be provided as a stationary verification unit.
  • a stationary unit is that of a card-reader that is mounted on a wall or door and is coupled to a physical barrier, such as a door lock, for example, so that, upon verification, the physical barrier is removed or lifted to allow passage of the card bearer.
  • the identity-verification apparatus may also be provided as a mobile verification unit.
  • the mobile unit comprises an integrated card-reader/data-processing unit for receiving, reading, and processing the actual biometric data and the stored data, or two separate devices that are in communication with each other: a card reader for reading the card, and a data-processing unit that is preferably a small electronic computing device.
  • the data-processing unit contains software for processing the actual biometric data and the stored data and, if included in the particular configuration of the identity-verification apparatus, a display for revealing the pertinent identity data to the person having control over the identity-verification apparatus.
  • the srriall electronic computing device will be referred to hereinafter as a personal data assistant (PDA).
  • PDA personal data assistant
  • the card-reader is preferably a sled that is configured to receive and establish an electronic connection with the PDA and the self-authenticating data card, so as to communicate data from the card to the PDA.
  • T-he sled has circuitry for reading the data on the self-authenticating data card and sending the data through the electronic connection to the PDA that is inserted into the sled.
  • the PDA processes the data received from the self-authenticating data card and provides some indication that a match has or has not been made between the actual bio metric data and the stored biometric data.
  • a key security feature of the self-authenticating data card system according to the invention is that it may be operated as at mobile unit that requires no continuous and/or hard-wired link to a central computer network.
  • the mobile unit offers the advantages of enabling security personnel to verify the identity of persons at virtually any location and of not requiring that floor space be dedicated to an identity- verification workstation. It also allows quick and easy implementation of a temporary verification system, for example, for a special event, or for access to a temporary facility, such as a field hospital in a disaster area.
  • identity card system as a mobile unit, is within the secured area of an airline gate at an airport, in which the group of persons being screened is limited to a specific group and the security demands are high. The individuals in this area have gone through an initial screening when checking in and the airline has processed the information and updated its manifest for the particular flight. Security personnel download the updated manifest onto their identity-verification apparatus and are then able to quickly and easily verify the identity and confirm the presence of each person waiting in the restricted area or passing through the gate to the airplane. This is quickly and easily done by having each person insert his or her self-authenticating data card into the reader and, assuming the biometric data are a fingerprint, pressing the appropriate finger on the card.
  • Another example of the use of the self-authenticating data card system is within a medical facility.
  • Use of the identity card system in such an application may require that a database of authorized employee numbers or security codes, or some other identifying code, be downloaded onto the identity-verification apparatus as needed, for example, at the beginning of a workshift.
  • the self-authenticating data card for such an application includes the employee number or security code, etc.
  • the data lock authenticates the identity of the presenting card bearer and the data processing unit determines that the stored data includes a code that authorizes the card bearer to gain access to certain services and/or facilities.
  • the self- authenticating data card is removed from the identity-verification apparatus, the personal data of the card bearer is also removed.
  • the security code is recorded, along with a time/date stamp, in the data processing unit for uploading to another computer database at another time. This reduces the amount of personal information that is stored in the data processing unit to a minimum, yet provides the desired security and record-keeping.
  • the self-authenticating data card system is particularly well-suited for many applications within a facility in which access to certain locations or services is restricted to certain authorized personnel, and in which it is particularly important to provide certain information about a person, yet prevent that information from being disseminated to unauthorized persons.
  • One such application is in the area of patient care. Medical personnel may have need of information pertaining to a particular patient.
  • a personal self-authenticating data card is issued to the patient upon entry into the medical facility or into the medical system.
  • the card contains all relevant medical information about the patient and is readable in the appropriate identity-verification apparatus.
  • the biometric feature that is selected as the authentication feature is one that is readable whether or not the patient is conscious.
  • the seif-authenticating data card is equipped with a radio frequ ency (RF) transmitter.
  • RF radio frequ ency
  • the card bearer authenticates trie card, which then activates the RF transmitter.
  • the card bearer approaches a locked door, for example, the card broadcasts the authorization code to release the door lock. This is particularly advantageous for medical personnel who scrub their hands and then move from a prep room to an operating room, for example, without touching anything.
  • the self-authenticating data card system may be tailored for a particular application and may include special card and identity-verification apparatus that contain any number of additional features that are not typically included in a self-authenticating data card system for conventional personal identification.
  • Suc-h additional features may include storing the data for multiple biometeric features on the self-authenticating data card and equipping the identity-verification apparatus with a GPS Rcvr/Xmtr, a wireless transmitter for communicating with a central registry, for example, for sending contemporaneously obtained biometric information and for receiving authorization or verification from a remote site.
  • the wireless transmitter may be designed to connect with a local receiver hub, mobile telecommunications towers, o r with the Global Positioning System (GPS) satellite system.
  • GPS Global Positioning System
  • data destroy instructions may be programmed onto the programmable microchip, so that, when unauthorized use of the self-authenticating data card is detected, an instruction may be sent to the card to erase or render illegible the stored data, making the card useless.
  • An optional security feature of the self-authenticating data card system is the alarm feature, also referred to hereinafter as the 911 code.
  • the alarm feature also referred to hereinafter as the 911 code.
  • the optional security feature requires that the identity-verification apparatus include a GPS Rcvr/Xmtr.
  • the biometric feature that is used to open the data lock is selected and the data downloaded to the programmable microchip on the card.
  • the selected biometric feature shall be the fingerprint of the ring finger of the right hand. Additional fingerprints may also be recorded and included on the card according to the invention and for the purpose of triggering the 911 code. Use of one of these additional fingerprints causes the data lock to open, thereby allowing the card bearer to gain access to a restricted facility or service, but, at the same time, triggers a call to 911.
  • the GPS Rcvr/Xmtr allows law-enforcement entities to determine the location of the identity-verification apparatus where the unauthorized use of the card occurred.
  • the identity-verification apparatus may include a data input/output port for exchange of locally stored memory with other computing devices and systems.
  • the identity-verification apparatus may be battery-operated, have a portable external power supply linked to the apparatus, or be solar-powered. Further optional features may enable the card bearer or security personnel to communicate with the identity- verification apparatus via a keypad for entering inputs and setting parameters, accuracy level, etc.
  • a camera may be provided on the identity-verification apparatus for contemporaneously taking a picture of the card bearer.
  • the self-authenticating data card system described above includes a self- authenticating data card that has a biometric sensor for sensing a biometric feature, such as a fingerprint, and a card reader that reads the data from the card and transmits it to an electronic computing device.
  • the identity-verification apparatus according to the invention may, however, include a separate scanner for recording the actual biometric data.
  • a biometric identifier that may be stored on the self-authenticating data card is a retinal scan or a facial scan.
  • the card reader may include a separate scanner for scanning the retina or facial structure of the card bearer and comparing it with the stored data on the self-authenticating data card.
  • the scanner is on an extension cord and can be maneuvered into a position to read the biometric feature of a patient in a wheelchair on lying on a hospital bed.
  • Other embodiments include a vocal print scanner.
  • the mobile identity-verification apparatus described above is optionally equipped with GPS receiver-transmitter capability that allows the unit to be tracked in case it should be stolen or misappropriated.
  • the mobile unit may also include a GPS Rcvr/Xmtr attached to a separate internal battery. In case of theft or misappropriation of the mobile unit, a command may be sent to erase the memory of the stolen unit, to prevent disclosure of the software and data contained in it.
  • the methods of use of the apparatus according to the invention may accommodate a range of security levels. For example, a low security verification procedure may only require a photo ID.
  • the self-authenticating data card may contain a digitally stored, high resolution image of the card bearer that is visually recognizable only when the card is inserted into the identity-verification apparatus. Security personnel are equipped with the identity-verification apparatus according to the invention.
  • the card bearer inserts the self-authenticating data card into the identity- verification apparatus, at which time the image of the card bearer appears as a visually recognizable image on the display of the identity-verification apparatus.
  • the device display may display the image at several times the magnification of the image stored on the card to facilitate a comparison with the appearance of the card bearer.
  • the image may even be a rotatable three-dimensional image, in which case, the person verifying identification of the card bearer may rotate the image shown on the display to obtain a different view for a complete comparision, yielding greater accuracy and reliability of the verification.
  • the self-authenticating data card may include other physical attributes of the legitimate card bearer, such as height, weight, eye color, etc., which are then also displayed on the identity-verification apparatus, to enable a more complete visual comparison between the presenting card bearer and the image of the legitimate card bearer.
  • the self-authenticating data card system includes the quick set-up time and the ability to use the identity-verification apparatus on relatively short notice at remote locations. For example, a temporary medical center is set up at a site of medical emergency, or in a location where terrorist attacks are frequent.
  • medical personnel may be provided with identity-verification apparatus that will read and verify the identity of medical personnel and others having authorized access to the site.
  • identity-verification apparatus it is particularly advantageous to have identity-verification apparatus that will enable efficient and accurate identity verification without having to invest the time and expense of installing stationary checkpoints.
  • the mobile identity- verification apparatus enables the self-authenticating data card system to be used effectively in most locations around the world. This allows the identity-verification apparatus to be used with much reduced or no reliance on land- based telecommunications services, which can be non-existent or unreliable in areas hit by disaster or political strife.
  • FIG. 1 is an illustration of the identity-verification apparatus according to the invention, embodied as a mobile unit, showing a computing device mounted in a card reader.
  • FIG. 2 is an illustration of the self-authenticating data card that, together with the identity-verification apparatus of FIG. 1, comprises the identity-verification apparatus according to the invention.
  • FIG. 3 shows the separate components of the identity-verification apparatus of FIG. 1.
  • FIG. 4 is an illustration of the self-authenticating data card system, showing the self-authenticating data card inserted into the identity-verification apparatus.
  • FIG. 5 shows data being shown on the display of the card reader, after a match has been determined between contemporaneously obtained biometric data and stored biometric data.
  • FIG. 6 is a block diagram illustraing a self-authenticating data card system comprising the self-authenticating data card of FIG. 2, a modifed identity-verification apparatus, and a DNA test unit with a DNA sensor.
  • FIG. 1 shows a first embodiment of identity-verification apparatus 100 according to the invention.
  • the identity-verification apparatus 100 is a mobile unit that includes a data-processing unit 120 and a card reader 140.
  • the data-processing unit 120 is a portable, handheld electronic device with a display panel 122, such as a T-MOBILE POCKET PC or an iPaq from COMPAQ.
  • a display panel 122 such as a T-MOBILE POCKET PC or an iPaq from COMPAQ.
  • PDAs are suitable for use as the data-processing unit 120, as long as the device is able to store and run software for reading and/or processing data coming into it from the card reader 140.
  • the card reader 140 is constructed as a sled for securely holding the data-processing unit 120 and, as an optional feature, is equipped with a GPS receiver-transmitter (GPS Rcvr/Xmtr) capability, as indicated by a GPS antenna 150.
  • GPS Rcvr/Xmtr GPS receiver-transmitter
  • the identity-verification apparatus 100 is a stationary card-reading unit that is installed in a workstation.
  • the data-processing unit 120 and the card reader 140 are integrated into a single unit.
  • the stationary card-reading unit is well- known today, as it is typically used to process payments with credit/debit cards, and is, therefore, not separately illustrated.
  • FIG. 2 shows a self-authenticating data card 200 for use with the identity- verification apparatus 100.
  • the self-authenticating data card contains a programmable microchip 204, a primary biometric sensor 202, and auxiliary biometric sensors 208, 210 that are optional and incorporated in accordance with the particular application of the self-authenticating data card system 100.
  • the programmable microchip 204 contains data in machine-readable form ("stored data") that identify and/or are pertinent to the legitimate card bearer.
  • Such programmable microchips are well-known for use in a so-called "smart" security card.
  • the programmable microchip 204 used is a microchip from Atmel, with the designation AT 90 SC 6464 C or 3232 C.
  • the stored data include data from at least one biometric feature of the legitimate card bearer, and may also include biographic data, such as name, date of birth, a photographic image, an employee number or social security number, or other data of interest to the organization that issued the self-authenticating data card 200.
  • the self-authenticating data card 200 has a front face 200A which contains the primary biometric sensor 202 for sensing a biometric feature that corresponds to the at least one biometric feature of the stored data. If the auxiliary biometric sensors 208, 210 are incorporated into the self-authenticating data card 200, they are also provided on the front face 200A.
  • the primary biometric sensor 202 in this particular embodiment is a fingerprint sensor.
  • the primary biometric sensor 202 is a fingerprint sensor that scans the print of an actual finger that is applied to the sensor. Fingerprint sensors are well-known and any sensor that is suitable for incorporation onto the self-authenticating data card 200 may be used.
  • the primary biometric sensor 202 is a FIDELICA fingerprint pad, 330 port no.
  • indicator signals 202A, 202B are provided on the sensor 202.
  • the auxiliary sensors 208, 210 may include a retinal image scanner, a facial image scanner, a voice print scanner, etc.
  • a general information field 206 may be provided on the card if so desired. This field may contain an icon or symbol, for example: a symbol of the U.S. Government if the card is under the control of a governmental agency, or the name or illustration of a hospital or other organization.
  • FIG. 3 shows the data-processing unit 120 as a separate device from the card reader 140.
  • the two units 120,140 are coupled, as indicated by an arrow A1 , to form the identity-verification apparatus 100 according to the invention.
  • Shown in this view is an exposed inner surface 140A of the card reader 140.
  • Mounted on the inner surface 140A is a PDA connector 342, a GPS Rcvr/Xmtr chip 344, a chip-reader circuit 346, a card stop 344, and a power switch 348.
  • the PDA connector 342 is a conventional connector for establishing an electrical connection with the data- processing unit 120 when the data processing unit 120 is inserted into the card reader 140.
  • the chip-reader circuit 346 reads information stored in the programmable microchip 204 on the self-authenticating data card 200.
  • the technology for providing circuitry in devices to read programmable microchips on so-called "smart" cards is widely known and not described with any detail herein.
  • the programmable microchip 204 on the self-authenticating data card 200 is a data storage chip with an RF transmitter and the chip-reader circuit 346 is a contactless chip that is capable of receiving the RF transmission from and reading the data stored on the programmable microchip 204.
  • the GPS Rcvr/Xmtr chip 344 is a conventional, commercially available GPS Rcvr/Xmtr chip and, ideally, it also is a contactless chip capable of transmitting/receiving via wireless, i.e., via radio wave transmission.
  • the card reader 140 is so constructed that, when the data-processing unit 120 is inserted into the card reader 140, a card-receiving slot 350 is formed between the inner surface 140A of the card reader 140 and the back of the data-processing unit 120. Inserting the self- authenticating data card 200 far enough into the card-receiving slot 350 until it is arrested by the card stop 347. In this position, the self-authenticating data card 200 activates the power switch 348 to provide the necessary power to the the card reader 140 to transmit data to the data processing unit 120.
  • FIG. 4 illustrates the preferred embodiment of an self-authenticating data card system 300 according to the invention, showing the self-authenticating data card 200 being inserted into the card-receiving slot 350 of the identity-verification apparatus 100.
  • the self-authenticating data card 200 is shown being inserted into the identity- verification apparatus 100, with a rear face 200B of the card 200 facing toward the data-processing unit 120 and the front face 200A toward the inner surface 140A of the card reader 140.
  • the card 200 is inserted into the card-receiving slot 350 until it hits the card stop 347 and activates the power switch 348. In this position, the self- authenticating data card 200 is positioned so that the chip-reader 346 is in position to read the stored data on the card.
  • the portion of the self-authenticating data card 200 that is inserted into the identity-verification apparatus 100 is indicated in FIG. 4 with dashed lines.
  • the display panel 122 of the data-processing unit 120 remains blank, or at least does not display any data from the self-authenticating data card 200, because a data lock programmed on the programmable microchip 204 prevents the stored data from being read until the authorization of the presenting card bearer has been authenticated.
  • the primary biometric sensor 202 when properly inserted, the primary biometric sensor 202 is accessible to the presenting card bearer and is ready for sensing data. This is indicated by the NOGO indicator 202B, which, in the embodiment shown is a red LED that, when illuminated, indicates that the sensor is ready for sensing and that no match is being detected. As mentioned earlier, for the sake of illustration the primary biometric sensor 202 is a fingerprint sensor. When the tip of the appropriate finger is applied to the primary biometric sensor 202, the programmable microchip 204 reads the actual biometric data sensed by the primary biometric sensor 202 and compares it with the stored biometric data on the card 200.
  • a match is indicated by the GO indicator 202A, which is a green LED and which, when illuminated, determines that match has been determined.
  • the data lock is then released and the card reader 140 sends the stored data to the data processing unit 120.
  • the stored data are displayed on the display panel 122 and/or access to a facility or services is provided.
  • the self-authenticating data card 200 is removed from the identity-verification apparatus 300, the data that was in the data processing unit 120 for the purpose of displaying the stored data or for releasing access to facilities or services is removed from the data processing unit 120.
  • the stored data are temporarily held in the data processing unit 120 and erased when the self-authenticating data card 200 is removed from the identity- verification apparatus 300.
  • the self-authenticating data card system 300 will be electrically connected to some physical barrier, such as a door lock, and, upon determination of a match between contemporaneously obtained biometric data and stored biometric data, will release the barrier, providing the card bearer access to a secured location.
  • some physical barrier such as a door lock
  • the data-processing unit 120 it is not necessary that the data-processing unit 120 have a display panel 122.
  • the self-authenticating data card system 300 will be used by security personnel who will personally verify the identity of the card bearer. In such applications, the data- processing unit 120 reveals all or a portion of the stored data on the display panel 122.
  • FIG. 5 shows the self-authenticating data card system 300 with the self- authenticating data card 200 inserted and after a match has been determined between the contemporaneously obtained biometric data and the stored biometric data.
  • the image is preferably not visible or recognizable to the naked eye on the self-authenticating data card 200. It is either distorted or simply not visible on the card. This is a measure to prevent unauthorized persons who have gained access to the self-authenticating data card 200 and who do not know the legitimate card bearer from imitating the appearance of the legitimate card bearer.
  • the self-authenticating data card system 300 shown in FIG. 5 shows a photographic image field 412 and a biographic data field 414.
  • the photographic image 412 is clearly visible and recognizable to the person viewing the display panel 122.
  • the image may be a three-dimension photograph that the person controlling the identity- verification apparatus 100 may rotate in order to obtain an image that enables a more reliable comparison with the image of the individual presenting the self-authenticating data card.
  • FIG. 6 is an illustration of a self-authenticating data card system 700 that comprises the same self-authenticating data card 200 described above, a modifed identity-verification apparatus 710, and a DNA test unit 740.
  • the stored biometric data includes a machine-readable sequence of DNA.
  • the identity-verification apparatus 710 includes a card insertion slot 730 for receiving the self-authenticating data card 200, a display panel 722 for displaying card bearer information after a match is determined between the stored DNA and contemporaneously provided DNA.
  • the DNA test unit 740 has a sensor 742 for receiving a DNA sample, which is typically a sample of saliva.
  • the DNA test unit 740 is a self-contained unit that incorporates a biosensor that employs near field surface enhanced Raman scattering for direct spectroscopic detection of hybridized DNA molecules.
  • the method of analysis and the apparatus are described in US Patent 6,376,177 B1 and the DNA test unit 740 corresponds to the apparatus disclosed in FIG. 1 of that patent.
  • the DNA test unit 720 transmits the results of the DNA test to the data lock programmed on the programmable chip 204.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Collating Specific Patterns (AREA)
  • Credit Cards Or The Like (AREA)

Abstract

Cette invention concerne un système de vérification d'identité (300) comprenant une carte d'identité à auto-identification (200) et un lecteur de cartes. La carte à auto-identification comprend un microcircuit intégré (204) qui renferme des données sur le titulaire autorisé de la carte, dont des données sur une caractéristique biométrique en mémoire telle qu'une empreinte digitale, une lecture rétinienne, une signature vocale ou une séquence d'ADN. La carte est également assortie d'un détecteur biométrique (202) qui détecte une caractéristique biométrique lue, et d'un verrou de données qui libère ces dernières s'il y a concordance entre la caractéristique biométrique mémorisée et la caractéristique biométrique appliquée (lue). Pour que l'auto-identification de la carte soit possible, il faut que titulaire fournisse la caractéristique biométrique. Lorsque ce dernier applique, par exemple, son doigt sur le détecteur, la caractéristique biométrique appliquée est une empreinte digitale. S'il les données correspondent, le verrou de données transmet les données stockées sur la carte au lecteur de cartes aux fins de traitement.
PCT/US2005/005849 2004-02-24 2005-02-24 Systeme de verification d'identite avec carte a auto-identifcation WO2005083532A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA002507745A CA2507745A1 (fr) 2004-02-24 2005-02-24 Systeme de verification d'identite avec carte auto-identifiante

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US54737604P 2004-02-24 2004-02-24
US60/547,376 2004-02-24

Publications (1)

Publication Number Publication Date
WO2005083532A1 true WO2005083532A1 (fr) 2005-09-09

Family

ID=34886295

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2005/005849 WO2005083532A1 (fr) 2004-02-24 2005-02-24 Systeme de verification d'identite avec carte a auto-identifcation

Country Status (2)

Country Link
CA (1) CA2507745A1 (fr)
WO (1) WO2005083532A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5756978A (en) * 1994-06-21 1998-05-26 Soltesz; John A. Modular optical memory card image display point of sale terminal
US6044349A (en) * 1998-06-19 2000-03-28 Intel Corporation Secure and convenient information storage and retrieval method and apparatus
US6095418A (en) * 1994-01-27 2000-08-01 Symbol Technologies, Inc. Apparatus for processing symbol-encoded document information
US6629591B1 (en) * 2001-01-12 2003-10-07 Igt Smart token

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6095418A (en) * 1994-01-27 2000-08-01 Symbol Technologies, Inc. Apparatus for processing symbol-encoded document information
US5756978A (en) * 1994-06-21 1998-05-26 Soltesz; John A. Modular optical memory card image display point of sale terminal
US6044349A (en) * 1998-06-19 2000-03-28 Intel Corporation Secure and convenient information storage and retrieval method and apparatus
US6629591B1 (en) * 2001-01-12 2003-10-07 Igt Smart token

Also Published As

Publication number Publication date
CA2507745A1 (fr) 2005-08-24

Similar Documents

Publication Publication Date Title
US20050212657A1 (en) Identity verification system with self-authenticating card
US7984849B2 (en) Portable magnetic stripe reader for criminality security applications
US9286461B2 (en) Multiface document
EP0903700B1 (fr) Système biométrique de temps et de présence à capacité de mise à jour épidermique topographique
US9529991B2 (en) Systems and methods for multi-factor remote user authentication
CN100437635C (zh) 安全的生物身份验证
US20060107067A1 (en) Identification card with bio-sensor and user authentication method
US20090266882A1 (en) Smart passport system for monitoring and recording activity and data relating to persons
US20050039014A1 (en) Electronic security system for monitoring and recording activity and data relating to persons
US20040050930A1 (en) Smart card with onboard authentication facility
US20090212902A1 (en) System and method for authorizing limited access
US20110266350A1 (en) Multiface document
JP2003271565A (ja) 本人認証システム、本人認証端末、読取装置および本人認証方法
US20170032231A1 (en) Multiface document
US7107457B2 (en) Optical card based system for individualized tracking and record keeping
US6912312B1 (en) Credit card verification system and method
US20090278660A1 (en) Credit card protection system
KR19980073694A (ko) 지문확인카드를 포함하는 무선주파수 신원확인시스템
WO2005083532A1 (fr) Systeme de verification d'identite avec carte a auto-identifcation
WO2012178186A1 (fr) Système et procédé d'identification et d'authentification
JP2001297064A (ja) 身分認証システム
AU2012200003B2 (en) Multiface document
US8915423B1 (en) System and method for verifying an individual's authorization to cross borders
Shoniregun et al. Applications of Biometrics
GB2401822A (en) Computer system with data carrier having biometric user identification

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 2507745

Country of ref document: CA

AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase