WO2011024097A1 - Gestion d'identité biométrique dans le cadre de modalités ou d'applications - Google Patents

Gestion d'identité biométrique dans le cadre de modalités ou d'applications Download PDF

Info

Publication number
WO2011024097A1
WO2011024097A1 PCT/IB2010/053678 IB2010053678W WO2011024097A1 WO 2011024097 A1 WO2011024097 A1 WO 2011024097A1 IB 2010053678 W IB2010053678 W IB 2010053678W WO 2011024097 A1 WO2011024097 A1 WO 2011024097A1
Authority
WO
WIPO (PCT)
Prior art keywords
biometric
template
identity
biometric template
individual
Prior art date
Application number
PCT/IB2010/053678
Other languages
English (en)
Inventor
Dirk Jeroen Breebaart
Robert Paul Koster
Alphons Antonius Maria Lambertus Bruekers
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Publication of WO2011024097A1 publication Critical patent/WO2011024097A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/37Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition

Definitions

  • the invention disclosed herein generally relates to authentication based on biometric information. More particularly, it relates to improved management of user information in biometric systems.
  • the process of authenticating a physical object is undertaken in many applications, such as conditional access to secure buildings or conditional access to digital data (e.g., stored in a computer or removable storage media), or for identification purposes (e.g., for authenticating an identified individual's participation in a particular activity, or for boarding passengers at an airport).
  • conditional access to secure buildings or conditional access to digital data e.g., stored in a computer or removable storage media
  • identification purposes e.g., for authenticating an identified individual's participation in a particular activity, or for boarding passengers at an airport.
  • biometrics for identification and/or authentication is considered to be a better option than traditional identification means such as passwords, PIN codes and authentication tokens.
  • biometric identification features that are unique to a user, such as fingerprints, irises, shape of ears, facial appearance, etc., are used to provide identification of the user.
  • the user again offers her biometric to the system, whereby the stored template is retrieved (and decrypted if required) and matching of the stored and a newly generated template is effectuated. If there is a good enough match, the user is considered authenticated.
  • the enrolment authority may coincide with the verifier, but they may also be distributed.
  • the biometric system is used for banking applications, then typically, all larger branches of the bank will be allowed to enroll new individuals into the system, such that a distributed enrolment authority is created.
  • the individual wishes to withdraw money from a bank office while using her biometric data as authentication, this office will assume the role of verifier.
  • the user makes a payment in a convenience store using her biometric data as authentication, the store will assume the role of the verifier, but it is unlikely that the store ever will act as enrolment authority.
  • biometric verification algorithms have been the supposedly enhanced security.
  • biometrics are assumed to be secret and difficult to spoof.
  • more recent insights have thrown doubts on these statements.
  • biometric characteristics cannot be regarded as secrets.
  • biometrics for convenience-driven rather than security-driven applications. Examples of such convenience-driven applications are personalized user interfaces, recommenders, atmospheres and the like.
  • biometric verification systems for security are often designed to operate on databases with thousands or millions of enrolled subjects.
  • Convenience-driven applications on the other hand, often operate on small databases with typically tens of users (for example in a home setting).
  • the convenience character dictates that registration procedures should be minimized.
  • a system should preferably operate without burdening its users with an imperative initial enrolment procedure.
  • the convenience character also suggests that users can be identified without any behavioral requirements such as placing a finger on a sensor, or posing in front of a camera. The system should operate in the background without influencing the subjects.
  • a method of enrolling an individual in a biometric system comprises the following steps, to be performed in any order:
  • the first biometric system may be one adapted to identify an individual using biometric information.
  • a self-configuring biometric system is adapted to the play the role of the second biometric system referred to in the above method.
  • enrolment is the process of associating a biometric template and an identity; a biometric system is delimited by the domain of validity of an enrolment; a correspondence between two biometric templates refers to both originating from the same physical person. A correspondence may be more or less certain, ranging from a conjecture to a fact established with the highest possible certainty. Correspondence can be assessed automatically while enrolment includes ascertaining the association, e.g., by checking an individual's identification document and/or by supervising the recording of the individual's biometric template.
  • verification may imply either that authentication of an individual is performed or that identification of an individual is performed.
  • authentication identity verification
  • the individual claims to have a certain identity and offered biometric data is compared with stored biometric data (associated with the claimed identity) in order to verify correspondence between the offered and stored data.
  • identification the offered biometric data is compared with a plurality of stored available biometric data sets, in order to verify correspondence between the offered and stored data.
  • the offered data is compared to one or more stored data sets.
  • the step of verifying an identity of the individual is based on matching the first biometric template to a third template, which has been previously stored in the first biometric system and is associated with the identity.
  • the third template then is the best match out of the templates known to the first biometric system and, preferably, it is ascertained that the degree of matching is greater than a predefined threshold level.
  • the matching may take place directly if the templates are available in clear.
  • an indirect matching may be performed, e.g., by means of a trusted application adapted to retrieve two indicated biometric templates and return a positive or negative match decision.
  • the above method of enrolling an individual in a biometric system further comprises the step of
  • the step of verifying an identity of the individual includes authenticating said claimed identity using the first biometric template.
  • the first biometric system may be one adapted to authenticate an individual, i.e., to verify her claimed identity, using biometric information.
  • the first biometric template may be matched to a third biometric template which has been previously stored and associated with the identity in the first biometric system. The third biometric template may be retrieved in response to a query for the identity; this constitutes an implicit positive match decision.
  • the second correspondence relates to spatial proximity, temporal proximity, or both, of respective acquisitions (recordings) of the first biometric template and the second biometric template.
  • the first biometric template and the second biometric template are recorded by recording means spatially arranged in such manner that the templates necessarily stem from the same individual, at least if the recordings take place nearby in time.
  • the recordings of the first biometric template and the third biometric template are simultaneous, thereby increasing the probability of a common origin.
  • the matching decision is based on a direct or an indirect comparison, it is advantageous to account for the fluctuating character of biometric measurements by not requiring strict equality for a positive match decision.
  • a tolerance may be set, in accordance with the actual biometric modality, the accuracy of the measuring devices etc., or "fuzzy" matching methods may be employed.
  • an individual's record in the database of a bio metric system may comprise more than one biometric template. Because this permits a greater number of comparisons, a low false rejection rate can be ensured without using a greater tolerance.
  • the recording of biometric information, in particular the second biometric template may be carried out over a time interval.
  • the time interval may be chosen in order to correspond to the presence of one person, i.e., it should not continue past an absence interval.
  • the recording time interval of a durative sensor may be synchronized with the activity of a momentary sensor to ensure that the data originate from the same individual.
  • the recordings should not be separated by a lapse of time exceeding a predetermined length.
  • a recording interval of the durative sensor may last up to a time instant at which the momentary sensor records a biometric template.
  • Embodiments of the invention may verify the second correspondence by establishing the existence of a chain of correspondences connecting the first and second biometric template.
  • the chain of correspondences may include data acquired by a third biometric system.
  • Each of the links in this chain may be associated with a certainty weight.
  • the certainty weight may indicate the strength of the correspondence.
  • the certainty of a correspondence may be expressed as a probability that the correspondence is of the highest certainty in the context of the biometric system; thus, the product of the certainty weights in a chain are an estimate of the strength of the correspondence between the ends of the chain.
  • the certainty weights may be fixed, each depending only on the pair of biometric systems involved in the acquisition of templates, or may vary with respect to other factors, such as the time interval or the spatial distance separating two measurements.
  • the enrolment decision whether to associate a biometric template to an identity and store these in a biometric system, may be governed by different criteria in different systems. For instance, a system for use in a security application may require a higher certainty for enrolling than a system aimed at a convenience application.
  • Certainty weights for a given pair of biometric systems may be set as a result of these systems interacting in a self-configuring manner.
  • a biometric system may establish that it shares a field of view with another biometric system or that it is located nearby in space.
  • macro data refers to different secondary quantities, such as the number of persons in a group or the presence of tracked features, which help characterize the context in which a biometric template is recorded.
  • the system may also establish a temporal correspondence, such as the typical time interval between two conformal measurements; a pattern if this kind may be observed, for instance, in a one-way corridor for pedestrians.
  • a method for identity verification uses a preliminary enrolment procedure.
  • the method performs identification with respect to identities of individuals having been enrolled in accordance with this preliminary procedure or enrolled in another fashion.
  • a method for identification based on biometric data matches a recorded biometric template against stored biometric templates, including those belonging to persons having been enrolled in accordance with the preliminary enrolment procedure; if a sufficiently close match is retrieved, the associated identity is returned.
  • figure 1 represents a method, in accordance with a first embodiment of the invention, of enrolling an individual in a biometric system
  • figure 2 represents a method, in accordance with a second embodiment of the invention, of enrolling an individual in a biometric system
  • figure 3 is a layout of a dwelling, in which several biometric systems are deployed.
  • figure 4 is a representation of the interactions of the biometric systems shown in figure 3.
  • Figure 1 shows a method of enrolling an individual in a biometric system without requiring participation from an enrolment authority.
  • Enrolment may take place by storing an identity 111 (II), recorded in a first biometric system 101, and a second biometric template 122 (T2), recorded in a second biometric system 102, in the second biometric system 102. Additionally, an association 141 between the identity 111 and the second biometric template 122 is established. It is known that an individual 199 has provided a first bio metric template 121 (Tl) to the first bio metric system 101.
  • Tl first bio metric template 121
  • the individual 199 has provided the second biometric template 122, and this is expressed as a correspondence 131 between the first biometric template 121 and the second biometric template 122.
  • the identity 111 is provided 132 by the first biometric system in response to a query for the first biometric template 121; more precisely, the identity 111 has been stored earlier in the first biometric system 101 in association with a third biometric template (not shown) that matches the first biometric template 121. Therefore, because it is possible to establish a chain of
  • the individual 199 has been enrolled in the second biometric system 102.
  • the method described above acquires a biometric template in a first biometric system; acquires a second biometric template in a second biometric system; verifies a correspondence of the first and the second templates; verifies the identity of the individual; and enrolls the individual in the second system by associating the identity to the second biometric template in this second biometric system.
  • the method can be carried out by an apparatus (or several connected apparatus) having functional means for extracting biometric templates, data storage means, data processing means, biometric matching means etc. It is noted that no particular partition of the apparatus carrying out the method is envisioned, but several functional means may be embodied as one physical unit. Thus, a multifunctional component, such as a programmable general-purpose central processing unit, may be used for performing several steps of the method. For instance, such an apparatus, or system, could be arranged with microprocessors or other similar electronic equipment having computing capabilities, for example
  • programmable logic devices such as ASICs, FPGAs, CPLDs, etc.
  • microprocessors may execute appropriate software stored in memories, on discs or on other suitable media for accomplishing tasks of the present invention.
  • Figure 2 shows another method of enrolling an individual in a biometric system without assistance from an enrolment authority.
  • An individual 299 provides a first biometric template 221 (Tl) and a claimed identity 212 (II) to a first biometric system 201.
  • Another individual - and it will be verified later that she is in fact identical to the individual 299 - provides a second biometric template 222 (T2) to a second biometric system 202.
  • the first biometric system 201 verifies the claimed identity 212 by retrieving a third biometric template (not shown), which has been previously stored in the first biometric system 201 and associated with the identity 212, and compares this with the first biometric template 221.
  • the claimed identity 212 is verified 232 by the first biometric system 201.
  • a correspondence 231 between the first and second biometric templates 221, 222 is verified based on the nature of the first and second biometric systems 201, 202.
  • the second biometric template 222 corresponds (via the first biometric template 221) to the claimed and verified identity 232, and an association 241 can be established: both the identity 212 and the second biometric template 222 originate from the individual 299.
  • enrolment of the individual 299 in the second biometric system 202 takes place upon storing the second biometric template 222, the identity 212 and the association 241 therein.
  • Figure 3 shows a dwelling 300 consisting of three rooms Rl, R2, R3, in which two users Hl, H2 can move freely. Three doorways connect the rooms, and a fourth doorway is an entrance from outside into the third room R3.
  • a sensor corresponding to each of four biometric systems PPl, PP2, PP3, PP4 is provided at each of the first, second, third and fourth doorways. The sensors may be adapted to record, e.g., the height of persons passing through the doorways.
  • a television set in the first room Rl is equipped with a face sensor belonging to a fifth biometric system TV, which is additionally adapted to perform enrolment by recording an identity and storing it in association with a biometric template.
  • the biometric systems are communicatively coupled to a network that allows them to exchange queries and other communications, and are to some extent aware of their degree of spatial proximity.
  • the sensor of the fifth biometric system TV is likely to record biometric templates correlated with those recorded by the sensors of the first and second systems PPl, PP2, for the latter are provided at the doorways of the first room Rl, in which the fifth biometric system TV is located.
  • This potential correspondence between the recordings of the first and fifth biometric systems PPl, TV is expressed as a first internal state II
  • the potential correspondence between recordings of the second and fifth biometric systems PP2 TV is expressed as a second internal state 12.
  • Biometric templates X, Z, Y and K are shown as circles 421, 422, 423, 424, and the identity ID-H2 of the user H2 is also shown as a circle 411.
  • the user H2 enters room R3 through the external door, and system PP4 extracts 431 a biometric template X.
  • Template X is stored together with the time of recording by system PP4, which also broadcasts a query for template X. No other system has recorded template X, and so, system PP4 obtains no response.
  • system TV which extracts 434 biometric template Y.
  • Systems PPl and PP4 then returns 435 templates Z and X, respectively, with time stamps.
  • system TV deduces a correspondence 436 between templates Y and Z.
  • the correspondence 436 is
  • identity ID-H2 and template Z are linked by a chain of two correspondences, one 'high' and one 'certain', which implies that the chain as a whole has certainty 'high'.
  • PP2 obtains no answer to its query for template K, while its query for any recent template causes PPl, PP4 and TV to return 439 templates Z, X and Y, respectively. Since systems PP2 and TV are linked by the internal state 12 and the recordings of templates are fairly close in time, PP2 establishes a 'likely' (the lowest degree of certainty)
  • system PP2 is configured to accept enrolments based on 'likely' correspondences, it enrolls user H2 by associating 442 identity ID-H2 and template K and storing these.
  • the various biometric systems may have made further queries even in the absence of detection activity.
  • This allows each system to enroll new users (e.g., system PPl would be able to enroll template Z in association with identity ID-H2, provided system PPl accepts enrolments based on a 'high' correspondence) or to increase the amount of information stored for each enrolled user. As already noted, this may help decrease the false rejection rate without lowering the reliability of the system.
  • the systems PPl, PP2, PP3, PP4 and TV may also create new internal states based on correlations established a posteriori between the template recordings.
  • the information gathered by the biometric systems may be used as triggers to other systems in the dwelling; e.g., a height sensor detecting the presence of a small individual may alert a child alarm if no accompanying adult is observed.
  • the communications over a network of cooperating biometric systems according to the invention may be tailored to fit the needs of particular applications, with emphasis on high reliability, low false rejection rate, user convenience or some other aspect.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Collating Specific Patterns (AREA)

Abstract

La présente invention se rapporte à un système d'enregistrement d'un individu dans un système biométrique, le système comprenant : l'acquisition, dans un premier système biométrique, d'un premier modèle biométrique d'un individu ; l'acquisition, dans un second système biométrique, d'un second modèle biométrique ; la vérification d'une correspondance entre le premier modèle biométrique et le second modèle biométrique ; la vérification, dans le premier système biométrique, d'une identité de l'individu ; et l'association de ladite identité au second modèle biométrique dans le second système biométrique, ce qui permet ainsi à l'individu d'être enregistré dans ledit second système. Le premier système biométrique peut être un système d'identification. Dans un mode de réalisation particulier de l'invention, le procédé comprend par ailleurs l'étape consistant à acquérir, dans le premier système biométrique, une identité revendiquée comme correspondant au premier modèle biométrique, l'étape de vérification d'une identité de l'individu consistant à authentifier ladite identité revendiquée au moyen du premier modèle biométrique. Dans ce mode de réalisation, le premier système biométrique peut être un système d'authentification.
PCT/IB2010/053678 2009-08-27 2010-08-16 Gestion d'identité biométrique dans le cadre de modalités ou d'applications WO2011024097A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP09168836.6 2009-08-27
EP09168836 2009-08-27

Publications (1)

Publication Number Publication Date
WO2011024097A1 true WO2011024097A1 (fr) 2011-03-03

Family

ID=42829082

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2010/053678 WO2011024097A1 (fr) 2009-08-27 2010-08-16 Gestion d'identité biométrique dans le cadre de modalités ou d'applications

Country Status (1)

Country Link
WO (1) WO2011024097A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3699790A1 (fr) * 2019-02-19 2020-08-26 Nxp B.V. Procédé d'activation d'un modèle biométrique

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050216340A1 (en) * 2004-03-03 2005-09-29 Schneider John K Biometric loyalty transaction system and method
WO2005122467A1 (fr) * 2004-06-09 2005-12-22 Koninklijke Philips Electronics N.V. Protection de modeles biometriques et gestion de caracteristiques
US20060112278A1 (en) * 2004-11-19 2006-05-25 Cohen Mark S Method and system for biometric authentication of user feedback
US20080122578A1 (en) * 2006-06-27 2008-05-29 Hoyos Hector T Ensuring the provenance of passengers at a transportation facility

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050216340A1 (en) * 2004-03-03 2005-09-29 Schneider John K Biometric loyalty transaction system and method
WO2005122467A1 (fr) * 2004-06-09 2005-12-22 Koninklijke Philips Electronics N.V. Protection de modeles biometriques et gestion de caracteristiques
US20060112278A1 (en) * 2004-11-19 2006-05-25 Cohen Mark S Method and system for biometric authentication of user feedback
US20080122578A1 (en) * 2006-06-27 2008-05-29 Hoyos Hector T Ensuring the provenance of passengers at a transportation facility

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3699790A1 (fr) * 2019-02-19 2020-08-26 Nxp B.V. Procédé d'activation d'un modèle biométrique
US11321437B2 (en) 2019-02-19 2022-05-03 Nxp B.V. Method for enabling a biometric template

Similar Documents

Publication Publication Date Title
Pankanti et al. Biometrics: The future of identification [guest eeditors' introduction]
JP3356144B2 (ja) バイオメトリクスを用いるユーザ認証装置及びそれに用いるユーザ認証方法
US7725732B1 (en) Object authentication system
US7278028B1 (en) Systems and methods for cross-hatching biometrics with other identifying data
Matyas et al. Toward reliable user authentication through biometrics
US20140313007A1 (en) Conditional and situational biometric authentication and enrollment
US11496471B2 (en) Mobile enrollment using a known biometric
CN101872436A (zh) 多人同步指纹验证的方法
Asha et al. Biometrics: an overview of the technology, issues and applications
Dass Fingerprint‐Based Recognition
Dhir et al. Biometric recognition: A modern era for security
US20150100493A1 (en) EyeWatch credit card fraud prevention system
CN106710033B (zh) 一种门禁的开启方法和装置
Okokpujie et al. An enhanced voters registration and authentication application using Iris recognition technology
WO2011024097A1 (fr) Gestion d'identité biométrique dans le cadre de modalités ou d'applications
US8442277B1 (en) Identity authentication system for controlling egress of an individual visiting a facility
Bobde et al. Face recognition technology
Han et al. Generation of reliable PINs from fingerprints
Nakanishi et al. Advancing the state-of-the-art in transportation security identification and verification technologies: Biometric and multibiometric systems
EP4002166B1 (fr) Procédé et système d'authentification biométrique pour un grand nombre de personnes inscrites
US20240038010A1 (en) Access control to secured locations using relaxed biometrics
Bhargavi et al. Election voting system using mobile m-voting
Thamizharasan et al. Integration of biometric sensor with aadhar for voting process
Vasanthi et al. Biometric-based Smart Electronic Voting System Using Internet of Things
Lin et al. Biometric authentication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10752420

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10752420

Country of ref document: EP

Kind code of ref document: A1